Placing the order from the products on the cart.
support, ws.webtv, api, store, place, order
GET vars specific to this request:
Var | Value | Description |
go | store | The API section |
do | place_order | The API action |
iq | User ID | The User ID |
Resulting Request URL:
The resulting request URL would be similar to this (don't forget to append the required info: key, timestamp, salt and signature):
https://....../api.php?go=store&do=place_order&iq={user_id}&{required information}
The following POST vars are optional.
Var | Value | Description |
notify_buyer | (int) 0|1 | Whether to notify the User about the order being placed - default value = 1. |
buyer_ip | (string) IP Address | User IP. |
buyer_useragent | (string) User Agent | The User Agent. |
If the request was successful, you'll receive a response containing:
• ok: ...
• id: The order ID.
Example:
{ "ok" : "Order was placed" , "id" : 319 } |
If the request failed (for example, if no signature was provided in the request), you'll receive a response like the following:
{ "error" : "REQUEST_ERROR" , "error_long" : "Missing signature" } |
Possible Error Messages
Besides the general errors, this request can return the following errors:
• REQUEST_ERROR | Invalid User ID:
The User ID was not specified or it is invalid/lower than 1.
• ERROR_ORDER_ALREADY_PLACED | Can't place order because there is already a current order:
• ERROR_EMPTY_CART | Can't place order because cart is empty:
• ERROR_MIN_PURCHASE | Can't place order because because the items do not total the minimum required amount:
Preparing GET and POST data.
1 2 3 4 5 6 7 8 9 10 11 12 13 | // The GET vars $GET_VARS = array ( "go" => "store" , "do" => "place_order" , "iq" => "2" ); // The POST vars $POST_VARS = array ( "notify_buyer" => 1, "buyer_ip" => "8.8.8.8" , "buyer_useragent" => "Mozilla/5.0 (Linux; Android 7.0; SAMSUNG SM-G950F Build/NRD90M) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/5.2 Chrome/51.0.2704.106 Mobile Safari/537.36" ); |
Generating the salt, timestamp, signature and sending the request
*** The following code block is common to all signed requests ***
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 | // Collect the API Base URL and Credential info $API_KEY_ID = "1b323a1cb879fd4e66530fbad07a32ee" ; $API_SHARED_SECRET = "MWIzMjNhMWNiODc5ZmQ0ZTY2NTMwZmJhZDA3YTMyZWViOTQ3MDJiOGM2ZTU2NjE3" ; // keep this safe!!! // Generating salt and timestamp $salt = md5(mt_rand()); $timestamp = time(); $signature = base64_encode (hash_hmac( 'sha256' , $salt . $timestamp , $API_SHARED_SECRET , true)); // Generating the validation signature // - Default method: using base64_encode(hash_hmac(...)) $signature = base64_encode (hash_hmac( 'sha256' , $salt . $timestamp , $API_SHARED_SECRET , true)); // comment this line if using the next method // - Simplified method - available since v60: using md5(). // This method requires the variable $API_SIGNATURE_GENERATION_MODE = 1; in the config/Config.inc.php file. // $signature = md5($salt."-".$timestamp."-".$API_SHARED_SECRET); // you must "uncomment" this line when using the simplified method // Append the timestamp, salt, key and signature to the GET vars $GET_VARS [ "timestamp" ] = $timestamp ; // UTC timestamp $GET_VARS [ "salt" ] = $salt ; $GET_VARS [ "key" ] = $API_KEY_ID ; // The API Key ID: This is public and is used by the API to identify the application; $GET_VARS [ "signature" ] = $signature ; // Create the request URL. Please note that if you do not use PHP buit in function // to create the HTTP query then don't forget to URL encode the values $REQUEST_URL = $API_URL . "?" .http_build_query( $GET_VARS ); // The previous will build an URL like .../api.php?go=api_subject&do=api_action&etc... // Create a new cURL resource and set the appropriate options $ch = curl_init(); curl_setopt( $ch , CURLOPT_URL, $REQUEST_URL ); curl_setopt( $ch , CURLOPT_POST, true); curl_setopt( $ch , CURLOPT_RETURNTRANSFER, true); curl_setopt( $ch , CURLOPT_HEADER, false); curl_setopt( $ch , CURLOPT_POSTFIELDS, $POST_VARS ); // If your PHP host does not have a valid SSL certificate, you will need to turn off SSL // Certificate Verification. This is dangerous (!), and should only be done temporarily // until a valid certificate has been installed curl_setopt( $ch , CURLOPT_SSL_VERIFYHOST, false); // Turns off verification of the SSL certificate. curl_setopt( $ch , CURLOPT_SSL_VERIFYPEER, false); // Turns off verification of the SSL certificate. // Sending the request to the API $response = curl_exec( $ch ); // Processing the response if (! $response ) { echo 'API call failed' ; } else { print_r(json_decode( $response ,true)); } |