[ic] Banca Sella interface tags

Massimiliano Ciancio mciancio@tiscalinet.it
Sun, 22 Oct 2000 12:12:32 +0200

Hi all,
I've developed an interface towards the italian online payment 
gateway Banca Sella for the http://www.ripani.com ecommerce (all
comments and criticisms are well accepted!). Now I want to post my
procedure to the mailing list in the hope that it may be useful to

Ok, now my solution.
Banca Sella assignes two parameters to any account: 
      an account code (BS_COD_ES in my tags) 
      a terminal id (BS_TERM_ID).
Moreover Banca Sella assignes two files of OTP (One Time Password):
OTP.ric contains OTP that you must pass them when you require an online
payment and that you must delete after passing them; OTP.ris instead
contains password that you must verify and delete when you return from
Banca Sella to your ecomm.

The outline of the procedure is the following:

                        returned params: a: transactionres (OK | KO)
                                         b: BS id
                                         c: OTP (verify and delete it)
 ------------           -------------           ------------
| your ecomm | ----->  | Banca Sella | ------> | your ecomm | 
 ------------     ^      -------------           ------------

 passed params: a: BS_COS_ES
                b: BS_TERM_ID * total_cost
                c: OTP (from OTP.ric file)
                d: BS id (your id identifing this transaction with BS)
                  (it must not be the same with your order id)

In catalog.cfg you must insert the following tags:

UserTag bs-prepare Routine <<EOR
sub {
    # account code
    $Vend::Session->{bs_a} = $::Variable->{BS_COD_ES};

    # price x terminal id
    $Vend::Session->{bs_b} = $::Variable->{BS_TERM_ID} *

    # select OTP.ric and deletes it (see man perlfaq5)
    my ($otp,$addr);
    open (FH, "+< $Vend::Cfg->{VendRoot}/$::Variable->{BS_OTP_RIC}") or
die "Can't open file: $!";
    flock(FH, 2) or die "Can't flock: $!";  # 2 = exclusive lock
    while ( <FH> ) { $otp=$_; $addr = tell(FH) unless eof(FH); }
    truncate(FH, $addr);
    flock(FH, 8) or die "Can't unlock: $!";  # 8 = unlock
    chomp $otp;
    $Vend::Session->{bs_c} = $otp;

    # banca sella order id
    $File::CounterFile::DEFAULT_DIR = $Vend::Cfg->{VendRoot};
    my $counter = new File::CounterFile $::Variable->{BS_COUNTER},
    $Vend::Session->{bs_d} = $counter->inc;

    # verifies if the number of OTP is less than the value of the
BS_MIN_PWD variable
    # and send an email if it is so
    my $buffer;
    my $lines = 0;
    open(FH, "$Vend::Cfg->{VendRoot}/$::Variable->{BS_OTP_RIC}") or die
"Can't open file: $!";
    while (sysread FH, $buffer, 4096) {
        $lines += ($buffer =~ tr/\n//);

    if ($lines < $::Variable->{BS_MIN_PWD}) {
        $Vend::Session->{bs_pwd_ending} = 1;
    else {
        $Vend::Session->{bs_pwd_ending} = 0;

    return '';

UserTag bs-confirm Order a b c
UserTag bs-confirm addAttr
UserTag bs-confirm Routine <<EOR
sub {
    # a=result, b=id_ord_bs, c=OTP.ris
    my ($a,$b,$c) = @_;

    $Vend::Session->{bs_a} = $a;
    $Vend::Session->{bs_b} = $b;
    $Vend::Session->{bs_c} = $c;
    $Vend::Session->{bs_result} = 1;

    # result verify
    if ($a eq "KO") {
        $Vend::Session->{bs_result} = 0;

    # verify and delete OTP.ris
    my $file="$Vend::Cfg->{VendRoot}/$::Variable->{BS_OTP_RIS}";
    my $old = $file;
    my $new = "$file.tmp.$$";
    open(OLD, "< $old")         or die "can't open $old: $!";
    open(NEW, "> $new")         or die "can't open $new: $!";
    my $tmp;
    my $found = 0;
    while (<OLD>) {
        $tmp = $_;
        if ($tmp eq $c) {
            $found = 1;
        else {
            (print NEW $_)      or die "can't write to $new: $!";

    close(OLD)                  or die "can't close $old: $!";
    close(NEW)                  or die "can't close $new: $!";

    rename($new, $old)          or die "can't rename $new to $old: $!";

    if (!$found) {
        $Vend::Session->{bs_result} = 0;

    return '';

moreover you must declare the following variables inside catalog.cfg

# Banca sella
Variable    BS_COD_ES       11111111              (your ones!)
Variable    BS_TERM_ID      11111111
Variable    BS_OTP_RIC      etc/OTP.ric           (password files)
Variable    BS_OTP_RIS      etc/OTP.ris
Variable    BS_COUNTER      etc/bancasella.counter
Variable    BS_MIN_PWD      500
Variable    BS_MIN_PWD_MAIL the.email@at which.send.the.following.msg
Variable    BS_MIN_PWD_TEXT The passwords are ending!

this tags are so used:

in the last page befor Banca Sella:

<font color=#ffffff>
[if session bs_pwd_ending]
    [email to="__BS_MIN_PWD_MAIL__" subject="__BS_MIN_PWD_TEXT__"

this order page must have <FORM ACTION="bs_trans1.html"> which follows:



Last but not least BS must have bs_trans2.html pointed as return page: -------------------------------- bs_trans2.html: [bs-confirm a="[cgi a]" b="[cgi b]" c="[cgi c]"] [if session bs_result] [tag op=header interpolate=1] Status: 302 moved Location: [process secure=1]?mv_todo=submit&mv_order_route=main%20log%20copy_user&mv_order_profile=checkout_profile&mv_session_id=[data session id]&email_copy=1&mail_list=0&mv_cartname=main [/tag] [else] Transaction failed! [/else] [/if] That's all. I hope it may be useful. If someone detects where mistakes are (sure there are!:-) please let me know. Ciao Massimiliano --------------------------------------------------------------------------- Massimiliano Ciancio Consulting mciancio@tiscalinet.it Custom Programming /// chip! http://web.tiscalinet.it/mciancio Internet and eCommerce (.) ----------------------------------------------------------------^-^--------