Enter your email address to subscribe to this blog.

Recent Comments

Intro to Spring Security Core for Grails
Eric Pierce said: Thanks for these screencasts, Dan! You made it crazy simple to get up and running w/security core h... [More]

Removing duplicates from an array of objects
Arvind said: Great tip, can't thank you enough for this. [More]

Intro to Spring Security Core for Grails
Santosh said: Thanks much for putting up these screencasts. As the others here I'm a beginner and I've been having... [More]

Grails Spring Security Plugin - Logout postOnly setting
eriihine said: I still had some issues with this one. It seems that the href link is always generating a GET method... [More]

Intro to Spring Security Core for Grails
Dan Vega said: Just a heads up but I decided to write up a quick post on your question just in case it trips up any... [More]

PayPal PayflowPro RESULT=117 Failed merchant rule check

I am upgrading an online shopping cart for a friend over the holidays. We are moving over to Slatwall and yesterday I was having some issues with the credit card processing using PayflowPro. Whenever I would submit a test card (from the documentation) I would receive the following response.

RESULT=117&PNREF=B11P5DEBFF57&RESPMSG=Failed merchant rule check

I knew my account information was correct so that couldn't be the issue. I did some digging and found out that a 117 is caused by one or more of the following.

  • An attempt was made to submit a transaction that failed to meet the security settings specified on the PayPal Manager Security Settings page. If the transaction exceeded the Maximum Amount security setting, then no values are returned for AVS or Card Security Code.
  • AVS validation failed. The AVS return value should appear in the RESPMSG.
  • Card Security Code validation failed. The Card Security Code return value should appear in the RESPMSG

Based on the fact that I was not getting back an AVS or CVV value in the response message I figured It had to do with my security settings. I did a little more digging through the documentation and found this.

IMPORTANT:The default security setting for Payflow Pro accounts is Allow non-referenced credits = No, so sending the ORIGID is the preferred method for performing Credit transactions. Using the ACCT, EXPDATE, or AMT parameters for such accounts leads to RESULT value 117 (failed the security check).
After I found that I went and updated my security settings and was now able to submit my test transactions.


PayPal PayflowPro Integration Update

This is just a quick announcement to anyone how ever worked with or currently is working with the PayflowPro SDK. A customer of mine logged into their PayflowPro manager the other day and was greeted with the following message.

Continue Reading >>


cfPayflowPro Invalid date bug

I updated the cfpayflowpro project this morning to fix a bug that surprisingly was only affecting certain users. I think everyone should be safe upgrading here because it was a small fix. If you were using the previous download and receiving an invalid date it was because of the following code. The slash mark just needs to be removed so the date is 4 digits. I also added subversion access and posted the code. I have listed the links for the project below.

<cfset pp.expdate = "08/07">

Project Link -
Subversion Access -


PayPal IPN API Change?

Trying saying that title 5 times fast! I have a customer that uses the PayPal IPN (Instant Payment Notification) service. The way the service works is pretty basic. A users places products in a cart on your site, when they are ready to place an order they are transfered to PayPal to place the order. When the order is complete you are transfered back to your shopping cart. So far so simple right? Up until about 2 weeks ago I would say yes.

The code on the site has been working great for the past 3 years and really no complaints from the customer. All of a sudden I have been seeing many errors come through telling me that form.fieldnames is undefined. This is how they used to pass transaction parameters back, through a form structure. Without any warning or announcement (at least that I am aware of) the service no longer passes back a form structure, everything is sent through the URL. I am just amazed that they would change the service like this. I know have to go through and change the code for the client.

Is anyone else having this problem or are they playing a joke on me? If this was public knowledge & no I did not get the memo (Peter)(office space) than I apologize. I am pretty deep in the programming community and have to believe that I would have found out about this If an announcement was made. Ok rant over, please leave a comment If you are having this problem or If I was the one to notify you of it!


cfPayflowPro Alpha Release

I am happy to announce that I have finally got this code up to par for an alpha release. As the name implies this project is a wrapper for the Paypal Payflow Pro payment gateway. This article will help explain more about the payment gateway, the project itself and why I felt it was needed.

What is Payflow Pro?
If you have been developing for a few years then you may remember that the Payflow Pro gateway was once owned by Verisign. This is the same gateway but in my opinion the product and support has improved in the hands of PayPal. Payflow Pro, a market-leading payment gateway, connects your online store to your existing Internet merchant account. It enables your business to:

  • Accept credit cards, debit cards, more. Plus accept PayPal too (U.S.only).
  • Optimize the customer experience by letting shoppers complete the checkout process without leaving your website.
  • Stay secure with access to one of the most powerful risk-management systems.
  • Integrate easily. Payflow Pro is pre-integrated into many shopping carts.
So now you know what it is and I bet your asking well how does it work? Glad you asked

1. Customers make purchases through your website, using your storefront.
2. Your storefront application passes the transaction data to the Payflow Pro gateway client.
3. The client sends the data to PayPal, and the Payflow processing cycle begins. We securely route your customer's information through the network of processors and financial institutions.
4. Your customer's bank authorizes or declines the transaction and notifies PayPal.
5. Upon approval, PayPal sends you a confirmation. The entire approval process usually takes less than three seconds.
6. You decide whether or not to settle the transaction. When you settle the transaction, your bank credits your merchant account.

Payflow Pro Online Payment Gateway

The Problem
Now that we know a little bit more about the PayflowPro gateway I would like to explain why this project is needed. I have been using the Payflow (Verisign & Paypal) gateway for a couple of years now in my ColdFusion development and it has never been easy. In the past you had to install a CFX tag. Not sure what a cfx tag is?
* ColdFusion Extension (CFX) tags are custom tags that you write in Java or C++. Generally, you create a CFX tag to do something that is not possible in CFML. CFX tags also let you use existing Java or C++ code in your ColdFusion application. While CFX tags offered a great extension to the ColdFusion language they had to be installed on the server. This made it very hard for those of us in a shared hosting environment. Ok so now we know a little bit about about the problem lets look at the solution

The Solution
The solution was the product of another great open source project. Mark Mandel created JavaLoader and it is really the backbone of this project. The main purpose of this project is that it allows you to load external Java libraries at runtime. With that ability this project was born. cfPayflowPro will load the external Java libraries for the Payflow Pro gateway and allow you to use these libraries in ColdFusion. This project solves 2 big problems. It allows you to integrate PayflowPro without any hard installations and it in turns ads support for ColdFusion 8. I was reading on a forum post that people were having a hard time getting it to work on Scorpio.

The Code
The first thing we need to do is load JavaLoader into the server scope. Mark Mandel wrote an interesting article on why you should do this. The path you are setting is the absolute path the payflowpro jar file.
view plain print about
1<cfcomponent displayname="Application Component" output="false">
3    <cfset this.applicationName = "cfPayflowPro">
5    <cffunction name="onRequest">
6        <cfargument name="targetTemplate" type="String" required="true" />
7        <cfif not isDefined("server.init") OR structKeyExists(url,"reinit")>
9            <!--- JavaLoader handles creation of Java objects from external Java libraries. --->
10            <cfset loadPaths = arrayNew(1)>
11            <cfset loadPaths[1] = "C:\ColdFusion8\wwwroot\paypal\lib\Verisign.jar">
12            <!--- create the loader --->
13            <cfset loader = createObject("component","com.compoundtheory.javaLoader.javaloader").init(loadPaths)>
14            <!--- create the class instance --->
15            <cfset server.pfpro = loader.create("com.Verisign.payment.PFProAPI")>
17            <cfhtmlhead text="<script language='javascript'>alert('Server.pfpro Initialized')</script>">
18            <cfset server.init = true>
19        </cfif>
21        <cfinclude template="#arguments.targetTemplate#">
22    </cffunction>

In the index file I set a structure of all the parameters that I need to pass. After I have created my structure I instantiate my PayflowPro component. Next we need to set our certificate path, create our context and set our param list and pass in our structure. Finally we submit our transaction which will return the response from payflow and destroy our context.
view plain print about
1<!--- PayFlow Pro Paramaters --->
2    <cfset pp = structNew()>
3    <cfset pp.user = "username">
4    <cfset pp.vendor = "">
5    <cfset pp.partner = "paypal">
6    <cfset pp.pwd = "password">
7    <cfset pp.trxtype = "S">
8    <cfset pp.tender = "C">
9    <cfset pp.acct = "4111111111111111">
10    <cfset pp.expdate = "06/05">
11    <cfset pp.accttype = "Visa">
12    <cfset pp.amt = ".01">
13    <cfset pp.currency = "USD">
14    <cfset pp.cvv2 = "111">
15    <cfset pp.street = "555 Main Streets">
16    <cfset = "Cleveland">
17    <cfset pp.state = "OHIO">
18    <cfset = "US">
19    <cfset = "44113">
20    <cfset pp.firstname = "Dan">
21    <cfset pp.lastname = "Vega">
22    <cfset pp.clientip = CGI.REMOTE_ADDR>    
23    <cfset pp.comment1 = "comm1,java test">
24    <cfset pp.comment2 = "comm2,java test">
25    <cfset pp.custref = "">
26    <cfset pp.invnum = "123456">
28    <!--- pass a reference to our payflow component --->
29    <cfset payflowpro = createObject("component","com.paypal.PayflowPro").init(server.pfpro)>
30    <!--- set the certificate path --->
31    <cfset payflowpro.setCertPath("C:\ColdFusion8\wwwroot\paypal\certs")>
32    <!--- setup the context --->
33    <cfset payflowpro.createContext("",443,30)>
34    <!--- pass the transaction parameters --->
35    <cfset payflowpro.setParamList(pp)>
36    <!--- submit the transaction, the response from the gateway is a delimited string --->
37    <cfset response = payflowpro.submitTransaction()>
38    <!--- destroy the context --->
39    <cfset payflowpro.destroyContext()>
41    <!--- parse the response --->
42    <cfset rh = createObject("component","com.paypal.ResponseHandler").init(response)>
43    <cfset answer = rh.responseToStruct()>
45    <cfdump var="#response#">
46    <cfdump var="#answer#">

After we have got the response back from PayflowPro we instantiate our ResponseHandler component that has one method at the time. This method will take our response string and parse it into a structure.
view plain print about
1<!--- parse the response --->
2    <cfset rh = createObject("component","com.paypal.ResponseHandler").init(response)>
3    <cfset answer = rh.responseToStruct()>
5    <cfdump var="#response#">
6    <cfdump var="#answer#">

I would love to hear what others think of the project and any comments / suggestions / complains are welcome. I have had a couple of alpha testers but a big thanks to Dave Cordes as he provided some great feedback to get me to the alpha release. You can download the project by visiting the project at riaforge.



More Entries