navigate is proceed";
// Validate and clean the user input here
$strBillingFirstnames = cleaninput($_REQUEST["BillingFirstnames"], "Text");
$strBillingSurname = cleaninput($_REQUEST["BillingSurname"], "Text");
$strBillingAddress1 = cleaninput($_REQUEST["BillingAddress1"], "Text");
$strBillingAddress2 = cleaninput($_REQUEST["BillingAddress2"], "Text");
$strBillingCity = cleaninput($_REQUEST["BillingCity"], "Text");
$strBillingPostCode = cleaninput($_REQUEST["BillingPostCode"], "Text");
$strBillingCountry = cleaninput($_REQUEST["BillingCountry"], "Text");
$strBillingState = cleaninput($_REQUEST["BillingState"], "Text");
$strBillingPhone = cleaninput($_REQUEST["BillingPhone"], "Text");
$strCustomerEMail = cleaninput($_REQUEST["CustomerEMail"], "Text");
$strDeliveryFirstnames = cleaninput($_REQUEST["DeliveryFirstnames"], "Text");
$strDeliverySurname = cleaninput($_REQUEST["DeliverySurname"], "Text");
$strDeliveryAddress1 = cleaninput($_REQUEST["DeliveryAddress1"], "Text");
$strDeliveryAddress2 = cleaninput($_REQUEST["DeliveryAddress2"], "Text");
$strDeliveryCity = cleaninput($_REQUEST["DeliveryCity"], "Text");
$strDeliveryPostCode = cleaninput($_REQUEST["DeliveryPostCode"], "Text");
$strDeliveryCountry = cleaninput($_REQUEST["DeliveryCountry"], "Text");
$strDeliveryState = cleaninput($_REQUEST["DeliveryState"], "Text");
$strDeliveryPhone = cleaninput($_REQUEST["DeliveryPhone"], "Text");
if ($_REQUEST["IsDeliverySame"]=="YES")
$bIsDeliverySame=true;
else
$bIsDeliverySame=false;
// Validate the compulsory fields
if (strlen($strBillingFirstnames)==0)
$strPageError="Please enter your Billing First Names(s) where requested below.";
else if (strlen($strBillingSurname)==0)
$strPageError="Please enter your Billing Surname where requested below.";
else if (strlen($strBillingAddress1)==0)
$strPageError="Please enter your Billing Address Line 1 where requested below.";
else if (strlen($strBillingCity)==0)
$strPageError="Please enter your Billing City where requested below.";
else if (strlen($strBillingPostCode)==0)
$strPageError="Please enter your Billing Post Code where requested below.";
else if (strlen($strBillingCountry)==0)
$strPageError="Please select your Billing Country where requested below.";
else if ((strlen($strBillingState) == 0) and ($strBillingCountry == "US"))
$strPageError="Please enter your State code as you have selected United States for billing country.";
else if (is_valid_email($strCustomerEMail)==false)
$strPageError="The email address entered was invalid.";
else if (($bIsDeliverySame==false) and strlen($strDeliveryFirstnames)==0)
$strPageError="Please enter your Delivery First Names(s) where requested below.";
else if (($bIsDeliverySame==false) and strlen($strDeliverySurname)==0)
$strPageError="Please enter your Delivery Surname where requested below.";
else if (($bIsDeliverySame==false) and strlen($strDeliveryAddress1)==0)
$strPageError="Please enter your Delivery Address Line 1 where requested below.";
else if (($bIsDeliverySame==false) and strlen($strDeliveryCity)==0)
$strPageError="Please enter your Delivery City where requested below.";
else if (($bIsDeliverySame==false) and strlen($strDeliveryPostCode)==0)
$strPageError="Please enter your Delivery Post Code where requested below.";
else if (($bIsDeliverySame==false) and strlen($strDeliveryCountry)==0)
$strPageError="Please select your Delivery Country where requested below.";
else if (($bIsDeliverySame==false) and (strlen($strDeliveryState) == 0) and ($strDeliveryCountry == "US"))
$strPageError="Please enter your State code as you have selected United States for delivery country.";
else {
//** All validations have passed, so store the details in the session **
$_SESSION["strBillingFirstnames"] = $strBillingFirstnames;
$_SESSION["strBillingSurname"] = $strBillingSurname;
$_SESSION["strBillingAddress1"] = $strBillingAddress1;
$_SESSION["strBillingAddress2"] = $strBillingAddress2;
$_SESSION["strBillingCity"] = $strBillingCity;
$_SESSION["strBillingPostCode"] = $strBillingPostCode;
$_SESSION["strBillingCountry"] = $strBillingCountry;
$_SESSION["strBillingState"] = $strBillingState;
$_SESSION["strBillingPhone"] = $strBillingPhone;
$_SESSION["strCustomerEMail"] = $strCustomerEMail;
$_SESSION["bIsDeliverySame"] = $bIsDeliverySame;
if ($bIsDeliverySame == true) {
$_SESSION["strDeliveryFirstnames"] = $strBillingFirstnames;
$_SESSION["strDeliverySurname"] = $strBillingSurname;
$_SESSION["strDeliveryAddress1"] = $strBillingAddress1;
$_SESSION["strDeliveryAddress2"] = $strBillingAddress2;
$_SESSION["strDeliveryCity"] = $strBillingCity;
$_SESSION["strDeliveryPostCode"] = $strBillingPostCode;
$_SESSION["strDeliveryCountry"] = $strBillingCountry;
$_SESSION["strDeliveryState"] = $strBillingState;
$_SESSION["strDeliveryPhone"] = $strBillingPhone;
} else {
$_SESSION["strDeliveryFirstnames"] = $strDeliveryFirstnames;
$_SESSION["strDeliverySurname"] = $strDeliverySurname;
$_SESSION["strDeliveryAddress1"] = $strDeliveryAddress1;
$_SESSION["strDeliveryAddress2"] = $strDeliveryAddress2;
$_SESSION["strDeliveryCity"] = $strDeliveryCity;
$_SESSION["strDeliveryPostCode"] = $strDeliveryPostCode;
$_SESSION["strDeliveryCountry"] = $strDeliveryCountry;
$_SESSION["strDeliveryState"] = $strDeliveryState;
$_SESSION["strDeliveryPhone"] = $strDeliveryPhone;
}
// We're all good, data has been written to the session
// Now go to the order confirmation page
ob_end_flush();
#echo "
sent to orderConfirmationPage page by fSagepay_CustomerDetails";
sagepay_redirect($SagePayDefaults['OrderConfirmationPage']);
}
} else {
// this means they just arrived at the page, so it the details are in the session we can populate the form
// Populate customer details from the session if they are there
$strBillingFirstnames = $_SESSION["strBillingFirstnames"];
$strBillingSurname = $_SESSION["strBillingSurname"];
$strBillingAddress1 = $_SESSION["strBillingAddress1"];
$strBillingAddress2 = $_SESSION["strBillingAddress2"];
$strBillingCity = $_SESSION["strBillingCity"];
$strBillingPostCode = $_SESSION["strBillingPostCode"];
$strBillingCountry = $_SESSION["strBillingCountry"];
$strBillingState = $_SESSION["strBillingState"];
$strBillingPhone = $_SESSION["strBillingPhone"];
$strCustomerEMail = $_SESSION["strCustomerEMail"];
$bIsDeliverySame = $_SESSION["bIsDeliverySame"];
$strDeliveryFirstnames = $_SESSION["strDeliveryFirstnames"];
$strDeliverySurname = $_SESSION["strDeliverySurname"];
$strDeliveryAddress1 = $_SESSION["strDeliveryAddress1"];
$strDeliveryAddress2 = $_SESSION["strDeliveryAddress2"];
$strDeliveryCity = $_SESSION["strDeliveryCity"];
$strDeliveryPostCode = $_SESSION["strDeliveryPostCode"];
$strDeliveryCountry = $_SESSION["strDeliveryCountry"];
$strDeliveryState = $_SESSION["strDeliveryState"];
$strDeliveryPhone = $_SESSION["strDeliveryPhone"];
}
// write from the session to local vars
$strProductName = $_SESSION["strProductName"];
if (strlen($strProductName)==0) {
// the session value is empty, so we'll read in the URL
// Store the purchase info in a local var
$strProductName = $_REQUEST["ProductName"];
// check it is not empty from the request, if it is, it means they have not bough anything yet
// so we'll send them back home
if (strlen($strProductName)==0) {
#echo "
sent to welcomePage page by fSagepay_CustomerDetails, no strProductName";
sagepay_redirect($SagePayDefaults['welcomePage']);
}
// and in the session
$_SESSION["strProductName"] = $strProductName;
#echo "
session empty, got from request ";
} else {
// it was in the session
#echo "
session ok, saved to var ";
}
// write from the session to local vars
$strProductValue = $_SESSION["strProductValue"];
if (strlen($strProductValue)==0) {
// the session value is empty, so we'll read in the URL
// Store the purchase info in a local var
$strProductValue = $_REQUEST["ProductValue"];
// check it is not empty from the request, if it is, it means they have not bough anything yet
// so we'll send them back home
if (strlen($strProductValue)==0) {
#echo "
sent to welcomePage page by fSagepay_CustomerDetails, no strProductValue";
sagepay_redirect($SagePayDefaults['welcomePage']);
}
// and in the session
$_SESSION["strProductValue"] = $strProductValue;
#echo "
session empty, got from request ";
} else {
// it was in the session
#echo "
\n";
$output .= "\n";
return Keep($output);
}
/**************************************************************************************************/
/* fSagepay_OrderConfirmation */
/**************************************************************************************************/
function fSagepay_OrderConfirmation($opts) {
global $SagePayDefaults;
// Check we have a billing address in the session. If not, go back to the customerDetails page to get one
if (strlen($_SESSION["strBillingAddress1"])==0) {
ob_end_flush();
sagepay_redirect($SagePayDefaults['welcomePage']);
#echo "sent to welcomePage page by fSagepay_OrderConfirmation because no strBillingAddress1";
}
// Check we have a strProductName in the session. If not, go back to the customerDetails page to get one
if (strlen($_SESSION["strProductName"])==0) {
ob_end_flush();
sagepay_redirect($SagePayDefaults['welcomePage']);
#echo "sent to welcomePage page by fSagepay_OrderConfirmation because no strProductName";
}
//** Gather customer details from the session **
$strCustomerEMail = $_SESSION["strCustomerEMail"];
$strBillingFirstnames = $_SESSION["strBillingFirstnames"];
$strBillingSurname = $_SESSION["strBillingSurname"];
$strBillingAddress1 = $_SESSION["strBillingAddress1"];
$strBillingAddress2 = $_SESSION["strBillingAddress2"];
$strBillingCity = $_SESSION["strBillingCity"];
$strBillingPostCode = $_SESSION["strBillingPostCode"];
$strBillingCountry = $_SESSION["strBillingCountry"];
$strBillingState = $_SESSION["strBillingState"];
$strBillingPhone = $_SESSION["strBillingPhone"];
$bIsDeliverySame = $_SESSION["bIsDeliverySame"];
$strDeliveryFirstnames = $_SESSION["strDeliveryFirstnames"];
$strDeliverySurname = $_SESSION["strDeliverySurname"];
$strDeliveryAddress1 = $_SESSION["strDeliveryAddress1"];
$strDeliveryAddress2 = $_SESSION["strDeliveryAddress2"];
$strDeliveryCity = $_SESSION["strDeliveryCity"];
$strDeliveryPostCode = $_SESSION["strDeliveryPostCode"];
$strDeliveryCountry = $_SESSION["strDeliveryCountry"];
$strDeliveryState = $_SESSION["strDeliveryState"];
$strDeliveryPhone = $_SESSION["strDeliveryPhone"];
$strProductName = $_SESSION["strProductName"];
$strProductValue = $_SESSION["strProductValue"];
/** Okay, build the crypt field for VSP Form using the information in our session **
*** First we need to generate a unique VendorTxCode for this transaction **
*** We're using VendorName, time stamp and a random element. You can use different methods if you wish **
*** but the VendorTxCode MUST be unique for each transaction you send to VSP Server **/
$intRandNum = rand(0,32000)*rand(0,32000);
$strVendorTxCode = $SagePayDefaults['strVSPVendorName'] . $intRandNum;
/* Now set the basket */
$sngTotal = number_format($strProductValue,2);
$strBasket = "" . $strProductName . ":1:" . $sngTotal . ":-:" . $sngTotal . ":" . $sngTotal;
// Now to build the VSP Form crypt field. For more details see the VSP Form Protocol 2.23
$strPost = "VendorTxCode=" . $strVendorTxCode; /** As generated above **/
// Optional: If you are a Protx Partner and wish to flag the transactions with your unique partner id, it should be passed here
if (strlen($SagePayDefaults['strPartnerID']) > 0)
$strPost = $strPost . "&ReferrerID=" . $SagePayDefaults['strPartnerID'];
$strPost = $strPost . "&Amount=" . number_format($sngTotal,2); // Formatted to 2 decimal places with leading digit
$strPost = $strPost . "&Currency=" . $SagePayDefaults['strCurrency'];
// Up to 100 chars of free format description
$strPost = $strPost . "&Description=" . $SagePayDefaults['strVendorDescription'];
/* The SuccessURL is the page to which VSP Form returns the customer if the transaction is successful
** You can change this for each transaction, perhaps passing a session ID or state flag if you wish */
$strPost = $strPost . "&SuccessURL=" . $SagePayDefaults['strYourSiteFQDN'] . $SagePayDefaults['strVirtualDir'] . $SagePayDefaults['OrderSuccessfulPage'];
/* The FailureURL is the page to which VSP Form returns the customer if the transaction is unsuccessful
** You can change this for each transaction, perhaps passing a session ID or state flag if you wish */
$strPost = $strPost . "&FailureURL=" . $SagePayDefaults['strYourSiteFQDN'] . $SagePayDefaults['strVirtualDir'] . $SagePayDefaults['OrderFailedPage'];
// This is an Optional setting. Here we are just using the Billing names given.
$strPost = $strPost . "&CustomerName=" . $strBillingFirstnames . " " . $strBillingSurname;
if (strlen($strCustomerEMail) > 0)
$strPost = $strPost . "&CustomerEMail=" . $strCustomerEMail; // This is an Optional setting
if (($SagePayDefaults['strVendorEMail'] <> "[your e-mail address]") && ($SagePayDefaults['strVendorEMail'] <> ""))
$strPost = $strPost . "&VendorEMail=" . $SagePayDefaults['strVendorEMail']; // This is an Optional setting
$strPost=$strPost . "&eMailMessage=";
// Billing Details:
$strPost=$strPost . "&BillingFirstnames=" . $strBillingFirstnames;
$strPost=$strPost . "&BillingSurname=" . $strBillingSurname;
$strPost=$strPost . "&BillingAddress1=" . $strBillingAddress1;
if (strlen($strBillingAddress2) > 0) $strPost=$strPost . "&BillingAddress2=" . $strBillingAddress2;
$strPost=$strPost . "&BillingCity=" . $strBillingCity;
$strPost=$strPost . "&BillingPostCode=" . $strBillingPostCode;
$strPost=$strPost . "&BillingCountry=" . $strBillingCountry;
if (strlen($strBillingState) > 0) $strPost=$strPost . "&BillingState=" . $strBillingState;
if (strlen($strBillingPhone) > 0) $strPost=$strPost . "&BillingPhone=" . $strBillingPhone;
// Delivery Details:
$strPost=$strPost . "&DeliveryFirstnames=" . $strDeliveryFirstnames;
$strPost=$strPost . "&DeliverySurname=" . $strDeliverySurname;
$strPost=$strPost . "&DeliveryAddress1=" . $strDeliveryAddress1;
if (strlen($strDeliveryAddress2) > 0) $strPost=$strPost . "&DeliveryAddress2=" . $strDeliveryAddress2;
$strPost=$strPost . "&DeliveryCity=" . $strDeliveryCity;
$strPost=$strPost . "&DeliveryPostCode=" . $strDeliveryPostCode;
$strPost=$strPost . "&DeliveryCountry=" . $strDeliveryCountry;
if (strlen($strDeliveryState) > 0) $strPost=$strPost . "&DeliveryState=" . $strDeliveryState;
if (strlen($strDeliveryPhone) > 0) $strPost=$strPost . "&DeliveryPhone=" . $strDeliveryPhone;
$strPost=$strPost . "&Basket=1:" . $strBasket; // As created above
// For charities registered for Gift Aid, set to 1 to display the Gift Aid check box on the payment pages
$strPost=$strPost . "&AllowGiftAid=0";
/* Allow fine control over AVS/CV2 checks and rules by changing this value. 0 is Default
** It can be changed dynamically, per transaction, if you wish. See the VSP Server Protocol document */
if ($SagePayDefaults['strTransactionType']!=="AUTHENTICATE")
$strPost=$strPost . "&ApplyAVSCV2=0";
/* Allow fine control over 3D-Secure checks and rules by changing this value. 0 is Default
** It can be changed dynamically, per transaction, if you wish. See the VSP Server Protocol document */
$strPost=$strPost . "&Apply3DSecure=0";
// Encrypt the plaintext string for inclusion in the hidden field
$strCrypt = base64Encode(SimpleXor($strPost,$SagePayDefaults['strEncryptionPassword']));
$output = "\n";
$output .= fSagepay_countrycodes();
$output .= "
Review And Confirm Your Order
\n";
$output .= " \n";
$output .= "
Please review purchases and contact details before payment.\n";
$output .= " Payment is via SagePay secure payment gateway, Sage is one of the UK most trusted business brands,\n";
$output .= " click here more details.\n";
$output .= " For guaranteed security, we do not store card numbers. \n";
$output .= " \n";
if ($SagePayDefaults['strConnectTo']!=="LIVE") {
$output .= "
\n";
$output .= " Because you are in " . $SagePayDefaults['strConnectTo'] . " mode, the unencrypted contents of the crypt field are also\n";
$output .= " displayed below, allowing you to check the contents. When you are in Live mode, you will only\n";
$output .= " see the order confirmation boxes.\n";
}
$output .= "
The box below shows the unencrypted contents of the VSP Form\n";
$output .= " Crypt field. This will not be displayed in LIVE mode. If you wish to view the encrypted and encoded\n";
$output .= " contents view the source of this page and scroll to the bottom. You'll find the submission FORM there.\n";
$output .= "
\n";
$output .= "
\n";
$output .= "
Note: this long string will cause layout problems in some browsers. " . $strPost . "
\n";
$output .= "\n";
$output .= "\n\n";
return Keep($output);
}
/**************************************************************************************************/
/* fSagepay_OrderSuccessful */
/**************************************************************************************************/
function fSagepay_OrderSuccessful($opts) {
global $SagePayDefaults;
// Check for the proceed button click, and if so, go to the buildOrder page
if ($_REQUEST["navigate"]=="proceed") {
ob_end_flush();
// sagepay_redirect to next page
sagepay_redirect($SagePayDefaults['welcomePage']);
}
// Now check we have a Crypt field passed to this page
$strCrypt=$_REQUEST["crypt"];
if (strlen($strCrypt)==0) {
ob_end_flush();
sagepay_redirect($SagePayDefaults['welcomePage']);
}
// Now decode the Crypt field and extract the results
$strDecoded=simpleXor(Base64Decode($strCrypt),$SagePayDefaults['strEncryptionPassword']);
$values = getToken($strDecoded);
// Split out the useful information into variables we can use
$strStatus=$values['Status'];
$strStatusDetail=$values['StatusDetail'];
$strVendorTxCode=$values["VendorTxCode"];
$strVPSTxId=$values["VPSTxId"];
$strTxAuthNo=$values["TxAuthNo"];
$strAmount=$values["Amount"];
$strAVSCV2=$values["AVSCV2"];
$strAddressResult=$values["AddressResult"];
$strPostCodeResult=$values["PostCodeResult"];
$strCV2Result=$values["CV2Result"];
$strGiftAid=$values["GiftAid"];
$str3DSecureStatus=$values["3DSecureStatus"];
$strCAVV=$values["CAVV"];
$strCardType=$values["CardType"];
$strLast4Digits=$values["Last4Digits"];
$strAddressStatus=$values["AddressStatus"]; // PayPal transactions only
$strPayerStatus=$values["PayerStatus"]; // PayPal transactions only
// values from the session
$strCustomerEMail = $_SESSION["strCustomerEMail"];
$strBillingFirstnames = $_SESSION["strBillingFirstnames"];
$strBillingSurname = $_SESSION["strBillingSurname"];
$strBillingAddress1 = $_SESSION["strBillingAddress1"];
$strBillingAddress2 = $_SESSION["strBillingAddress2"];
$strBillingCity = $_SESSION["strBillingCity"];
$strBillingPostCode = $_SESSION["strBillingPostCode"];
$strBillingCountry = $_SESSION["strBillingCountry"];
$strBillingState = $_SESSION["strBillingState"];
$strBillingPhone = $_SESSION["strBillingPhone"];
$bIsDeliverySame = $_SESSION["bIsDeliverySame"];
$strDeliveryFirstnames = $_SESSION["strDeliveryFirstnames"];
$strDeliverySurname = $_SESSION["strDeliverySurname"];
$strDeliveryAddress1 = $_SESSION["strDeliveryAddress1"];
$strDeliveryAddress2 = $_SESSION["strDeliveryAddress2"];
$strDeliveryCity = $_SESSION["strDeliveryCity"];
$strDeliveryPostCode = $_SESSION["strDeliveryPostCode"];
$strDeliveryCountry = $_SESSION["strDeliveryCountry"];
$strDeliveryState = $_SESSION["strDeliveryState"];
$strDeliveryPhone = $_SESSION["strDeliveryPhone"];
$strProductName = $_SESSION["strProductName"];
$strProductValue = $_SESSION["strProductValue"];
// Empty the cart, we're done with it now because the order is successful
$_SESSION["strProductValue"] = "";
$_SESSION["strProductName"] = "";
$output = "\n";
$output .= "
\n";
$output .= "
\n";
$output .= "
\n";
$output .= "
Your order has been Successful
\n";
$output .= " Your transaction has completed successfully, thank you for your order. \n";
$output .= " \n";
$output .= " Your order reference number is: " . $strVendorTxCode . " \n";
$output .= " \n";
$output .= " You should quote this in all correspondence with " . $SagePayDefaults['strVendorDescription'] . ". \n";
$output .= "
\n";
$output .= "
\n";
$output .= "
\n";
$output .= "
\n";
if ($SagePayDefaults['strConnectTo']!=="LIVE") {
$output .= "
";
return Keep($output);
}
/**************************************************************************************************/
/* fSagepay_OrderFailed */
/**************************************************************************************************/
function fSagepay_OrderFailed($opts) {
global $SagePayDefaults;
// Check for the proceed button click, and if so, go to the buildOrder page
if ($_REQUEST["navigate"]=="proceed") {
ob_end_flush();
// sagepay_redirect to next page
sagepay_redirect($SagePayDefaults['welcomePage']);
}
// Now check we have a Crypt field passed to this page
$strCrypt=$_REQUEST["crypt"];
if (strlen($strCrypt)==0) {
ob_end_flush();
sagepay_redirect($SagePayDefaults['welcomePage']);
}
// Now decode the Crypt field and extract the results
$strDecoded=simpleXor(Base64Decode($strCrypt),$SagePayDefaults['strEncryptionPassword']);
$values = getToken($strDecoded);
// Split out the useful information into variables we can use
$strStatus=$values['Status'];
$strStatusDetail=$values['StatusDetail'];
$strVendorTxCode=$values["VendorTxCode"];
$strVPSTxId=$values["VPSTxId"];
$strTxAuthNo=$values["TxAuthNo"];
$strAmount=$values["Amount"];
$strAVSCV2=$values["AVSCV2"];
$strAddressResult=$values["AddressResult"];
$strPostCodeResult=$values["PostCodeResult"];
$strCV2Result=$values["CV2Result"];
$strGiftAid=$values["GiftAid"];
$str3DSecureStatus=$values["3DSecureStatus"];
$strCAVV=$values["CAVV"];
$strCardType=$values["CardType"];
$strLast4Digits=$values["Last4Digits"];
$strAddressStatus=$values["AddressStatus"]; // PayPal transactions only
$strPayerStatus=$values["PayerStatus"]; // PayPal transactions only
// values from the session
$strCustomerEMail = $_SESSION["strCustomerEMail"];
$strBillingFirstnames = $_SESSION["strBillingFirstnames"];
$strBillingSurname = $_SESSION["strBillingSurname"];
$strBillingAddress1 = $_SESSION["strBillingAddress1"];
$strBillingAddress2 = $_SESSION["strBillingAddress2"];
$strBillingCity = $_SESSION["strBillingCity"];
$strBillingPostCode = $_SESSION["strBillingPostCode"];
$strBillingCountry = $_SESSION["strBillingCountry"];
$strBillingState = $_SESSION["strBillingState"];
$strBillingPhone = $_SESSION["strBillingPhone"];
$bIsDeliverySame = $_SESSION["bIsDeliverySame"];
$strDeliveryFirstnames = $_SESSION["strDeliveryFirstnames"];
$strDeliverySurname = $_SESSION["strDeliverySurname"];
$strDeliveryAddress1 = $_SESSION["strDeliveryAddress1"];
$strDeliveryAddress2 = $_SESSION["strDeliveryAddress2"];
$strDeliveryCity = $_SESSION["strDeliveryCity"];
$strDeliveryPostCode = $_SESSION["strDeliveryPostCode"];
$strDeliveryCountry = $_SESSION["strDeliveryCountry"];
$strDeliveryState = $_SESSION["strDeliveryState"];
$strDeliveryPhone = $_SESSION["strDeliveryPhone"];
$strProductName = $_SESSION["strProductName"];
$strProductValue = $_SESSION["strProductValue"];
// Empty the cart, we're done with it now because the order is successful
$_SESSION["strProductValue"] = "";
$_SESSION["strProductName"] = "";
// Determine the reason this transaction was unsuccessful
if ($strStatus=="NOTAUTHED")
$strReason="You payment was declined by the bank. This could be due to insufficient funds, or incorrect card details. ".$SagePayDefaults['strVendorContactBlurb'];
else if ($strStatus=="ABORT")
$strReason="You chose to Cancel your order on the payment pages. If you wish to change your order and resubmit it you can do so here. ".$SagePayDefaults['strVendorContactBlurb'];
else if ($strStatus=="REJECTED")
$strReason="Your order did not meet our minimum fraud screening requirements. If you have questions about our fraud screening rules, or wish to contact us to discuss this. ".$SagePayDefaults['strVendorContactBlurb'];
else if ($strStatus=="INVALID" or strStatus=="MALFORMED")
$strReason="We could not process your order because we have been unable to register your transaction with our Payment Gateway. " . $SagePayDefaults['strVendorContactBlurb'];
else if ($strStatus=="ERROR")
$strReason="We could not process your order because our Payment Gateway service was experiencing difficulties. " . $SagePayDefaults['strVendorContactBlurb'];
else
$strReason="The transaction process failed. Please contact us with the date and time of your order and we will investigate." . $SagePayDefaults['strVendorContactBlurb'];
$output = "\n";
$output .= "\n";
$output .= "
\n";
$output .= "
\n";
$output .= "
\n";
$output .= "
Your order has NOT been successful
\n";
$output .= " Sorry, your transaction did not complete successfully for the following reason: \n";
$output .= " " . $strReason . " \n";
$output .= " \n";
$output .= " Your order reference number is: " . $strVendorTxCode . "\n";
$output .= "
\n";
$output .= " You should quote this in all correspondence with " . $SagePayDefaults['strVendorDescription'] . ". \n";
$output .= "
\n";
$output .= "
\n";
$output .= "
\n";
$output .= "
\n";
if ($SagePayDefaults['strConnectTo']!=="LIVE") {
$output .= "