$value) { $value = trim($value); if (preg_match($mandatory, $value)) $found = true; $_POST[$key] = stripslashes(strip_tags($value)); } //flag if mail did not include mandatory fields that indicate a true WP callback if (!$found) { $error += 2; } //process some fields used more than once below //You may not need these preg_replace lines but in my case the address and order description fields had double line breaks (wrong code in jscript?) //which looked horrible so replace by one //note: For some reason mailing company address which is redirected to my personal address still gives extra spaces but mail direct to my personal address is ok $email = $_POST['M_email']; //customer email $addr = $_POST['M_orderaddr']; $addr = preg_replace('/\n/', "\t", $addr); $addr = preg_replace('/\t/', "\n", $addr); //order address $desc = $_POST['MC_desc']; $desc = preg_replace('/\n/', "\t", $desc); $desc = preg_replace('/\t/', "\n", $desc); //order description. List of what, number, price each, total $comm = $_POST['M_instructions']; $comm = preg_replace('/\n/', "\t", $comm); //any comments in comment box - if out leave behind coal bunker etc $comm = preg_replace('/\t/', "\n", $comm); //$error = 0; //temp test leave commented normally - you will need to uncomment this while testing from the test form page //echo "got to here 1
"; //temp test leave commented - shows how can reply with messages to the test form page //send main mail only if post appears to be a genuine worldpay callback if ($error==0) { //check for cancellation or failure //rawAuthMessage is supposed to contain any text received from the card holder's bank //however, if cancelled it will be trans.cancelled - this must be set by worldpay as nothing is sent to the bank if cancelled //this part seems reliable $status = "Success"; $amsg = $_POST['rawAuthMessage']; if (strpos($amsg, "cancelled") > 0) $status = "Cancelled"; //if the card is declined the message must come from card holder's bank, text may therefore vary and may not contain the world failed //have not pursued this point as if the payment is declined by the bank worldpay does not seem to send a callback message if (strpos($amsg, "failed") > 0) $status = "Failed"; //main message consists of contact details + order details $message .= "Name: {$_POST['M_name']} \n"; $message .= "School/Company: {$_POST['M_school']} \n"; $message .= "Delivery Address: \n$addr \n"; $message .= "\nTel: {$_POST['M_tel']} \n"; $message .= "Fax: {$_POST['M_fax']} \n"; $message .= "Email: {$_POST['M_email']} \n"; $message .= "\nOther comments: \n$comm \n"; $message .= "\nOrder details: \n$desc \n"; //M_postage and M_total and the invoice currency (GBP) not used as I included these in my MC_desc field but uncomment if you haven't //$message .= "Postage: {$_POST['M_postage']} \n"; //$message .= "Total: {$_POST['M_total']} "; //$message .= "{$_POST['currency']} \n"; //State that payment has been made already so they don't think its an invoice and pay again //This field shows what customer has paid in his own currency if different to yours //amount & currency fields are my payment and currency while authamount & authcurrency are customer's $message .= "\nAlready paid by credit or debit card: {$_POST['authAmount']} {$_POST['authCurrency']} \n"; //Send order to your company with obvious status //This will be a copy always sent even if failed or cancelled or in test mode so normally goes to technical bods $title = "Worldpay order: ".$status; $headers = "From: $email"."\r\n"; $headers .= "Reply-To: $email"; $recipient = $emailtech; mail($recipient,$title,$message,$headers); //send copy to customer (which might include you in test mode) and people in sales dept only if successful $sales = "No"; $accepts = " No"; $cust = "No"; $acceptc = " No"; if ($status=="Success") { //send to your sales department only if a real purchase, they don't want lots of confusing test stuff //Note that accept only shows mail server has accepted message not that anyone has actually received or opened it //if it shows ok here problem of non delivery will be further downstream - mail going into spam box most likely $test = $_POST['testMode']; if (trim($test) == "0") { $sales = "Yes"; $recipient = $emailsales; $stat = mail($recipient,$title,$message,$headers); if ($stat) $accepts = " Yes"; } //Send same message to customer except change of headers, acknowledgement and reply email address //the title includes your company name and the header sets the email address where any customer reply is sent //test messages are sent to customer because in test mode the customer is really you $cust = "Yes"; $message = "Thank you for your order. We aim to dispatch on the next working day. \n\n".$message; $title = "Your order to $coname"; $headers = "From: $emailreply"."\r\n"; $headers .= "Reply-To: $emailreply"; $recipient = $email; $stat = mail($recipient,$title,$message,$headers); if ($stat) $acceptc = " Yes"; } } //in separate message send all the other feedback in case any needed - some things like transid etc are useful when checking wp reports //once sure no error in above code this could go in above check if start getting spam $title = "Worldpay feedback"; $headers = "From: $email"; //status of this message $message = "Script error code: $error \n"; $message .= "Status: $status \n"; $message .= "testMode: {$_POST['testMode']} \n"; $message .= "Copy sent to sales dept and accepted: $sales.$accepts \n"; $message .= "Copy sent to customer and accepted: $cust.$acceptc \n"; $message .= "Worldpay IP Address :$ip \n"; $message .= "Worldpay URL :$hostname \n"; //my own details $message .= "installation: {$_POST['installation']} \n"; $message .= "instId: {$_POST['instId']} \n"; $message .= "M_recipient: {$_POST['M_recipient']} \n"; $message .= "compName: {$_POST['compName']} \n"; //transaction details $message .= "M_subject: {$_POST['M_subject']} \n"; $message .= "transId: {$_POST['transId']} \n"; $message .= "transStatus: {$_POST['transStatus']} \n"; $message .= "transTime: {$_POST['transTime']} \n"; $message .= "cartId: {$_POST['cartId']} \n"; $message .= "cardType: {$_POST['cardType']} \n"; //card holder details $message .= "name: {$_POST['name']} \n"; $message .= "address: {$_POST['address']} \n"; $message .= "postcode: {$_POST['postcode']} \n"; $message .= "country: {$_POST['country']} \n"; $message .= "countryString: {$_POST['countryString']} \n"; $message .= "tel: {$_POST['tel']} \n"; $message .= "ipAddress: {$_POST['ipAddress']} \n"; //order stuff $message .= "desc: {$_POST['desc']} \n"; $message .= "M_desc: {$_POST['M_desc']} \n"; $message .= "Postage: {$_POST['M_postage']} \n"; //authentication $message .= "msgType: {$_POST['msgType']} \n"; $message .= "rawAuthCode: {$_POST['rawAuthCode']} \n"; $message .= "authMode: {$_POST['authMode']} \n"; $message .= "rawAuthMessage: {$_POST['rawAuthMessage']} \n"; $message .= "authentication: {$_POST['authentication']} \n"; $message .= "countryMatch: {$_POST['countryMatch']} \n"; //amount in GBP $message .= "amount: {$_POST['amount']} \n"; $message .= "amountString: {$_POST['amountString']} \n"; $message .= "cost: {$_POST['cost']} \n"; $message .= "Total: {$_POST['M_total']} \n"; $message .= "currency: {$_POST['currency']} \n"; //amount paid in other currency if different $message .= "authCost: {$_POST['authCost']} \n"; $message .= "authAmountString: {$_POST['authAmountString']} \n"; //god nose what these are for $message .= "_SP.charEnc: {$_POST['_SP.charEnc']} \n"; $message .= "AVS: {$_POST['AVS']} \n"; $message .= "charenc: {$_POST['charenc']} \n"; $message .= "lang: {$_POST['lang']} \n"; $message .= "M_zone: {$_POST['M_zone']} \n"; //also include other stuff above that was processed rather than output directly, in case of a code cockup $message .= "M_orderaddr: {$_POST['M_orderaddr']} \n"; $message .= "M_instructions: {$_POST['M_instructions']} \n"; $message .= "MC_desc: {$_POST['MC_desc']} \n"; //send to company geeks $recipient = $emailtech; mail($recipient,$title,$message,$headers); //copy to another mail server just in case $recipient = $emailback; mail($recipient,$title,$message,$headers); unset($_SESSION['security_code']); ?>