Screen: ShopSite > Orders

Automatic XML Orders Download

Note:

The information on this page applies to Orders only. For information on automated XML uploads and downloads of Products or Pages, see Database Automated XML Upload/Download.

Note:

To implement this feature as intended, you should familiarize yourself with the sample OAuth source code. It can be downloaded here:
OAuth_Sample.zip

If you plan to implement OAuth in PHP, we've created a pair of files that can be used to accelerate your development. The first, oauth.php, is an OAuth module that can be plugged directly in to your custom PHP script. The second, oauth_tester.php, contains examples of how to use the module with ShopSite. The zip file containing these files can be downloaded here:
OAuth_PHP.zip

You can use a merchant-supplied program to automatically download a store’s orders as an XML-formatted text file. This help page describes the programmatic interface; the XML DTD is described on Orders Download XML Format.

Your orders download program must send a request to a ShopSite Authorization CGI program (authorize.cgi) and provide authentication to receive a token that can authorize a request to a ShopSite Download CGI program (db_xml.cgi) to start the download. To keep order information secure, the ShopSite CGI program must be invoked through a secure connection (https). If the connection is not secure, customer credit card information will not be included in the download.

The db_xml.cgi program can accept these optional parameters:

While it is possible to use startorder and endorder or startdate and enddate to download a specific set of orders, you do not have to use both the start and end value. You could, for example, use startdate without enddate to download all the orders that have come in since the last time you downloaded orders.

The db_xml.cgi will output the following line, followed by the XML order information:

Content-type: application/x-www-form-urlencoded\n\n

Example Program

This example program functions as though the client has already entered the appropriate information on the Applications screen of the back office. The example also relies heavily on the sample OAuth source code found in the OAuth_Sample.zip which you should download and review.

From the back office:

Generated by the OAuth sample code:

This example uses a non-secure connection to request order information. Because the CGI directory on the server requires authentication, the program first requests a token from ShopSite, passing the authentication keys set up on the Application screen in the back office. It then passes the token as authentication for the order information request. This program does not process the XML, so it does not test the response values (Success or Failure).

if ((msg_socket = getconnection("mystore.com",80)) == -1)
{
  printf("Big trouble, no socket connection\r\n");
  exit(1);
}

    /* create the HTTP header for authentication request */
sprintf(send_msg,
  "POST /cgi-bin/sc/authorize.cgi HTTP/1.1\r\n"
  "Host: mystore.com\r\n"
  "Content-Length: 127\r\n
  "Content-Type: application/x-www-form-urlencoded\r\n\r\n"
  "grant_type=authorization_code&code=MTQxMDZ8ZGViYmllfDJ8&client_credentials=QjlEMzI5OUI6ODAwMjZiYzc=&signature=rfw0k21l9YdXl0r240Uw+3aa9A4=");
    /* send the HTTP header for authentication request */
resource = send(msg_socket, send_msg, strlen(send_msg),0);

    /* create the HTTP header for download */
sprintf(send_msg,
  "POST /cgi-bin/sc/db_xml.cgi HTTP/1.1\r\n"
  "Host: mystore.com\r\n"
  "Content-Length: 164\r\n
  "Content-Type: application/x-www-form-urlencoded"\r\n\r\n
  “clientApp=1&dbname=orders&version=11.0&token=MTMwMjA5NjAyOHxkZWJiaWV8MnxCYWlsZXl8MjU2fA==&timestamp=1302101084&nonce=503bb763&signature=LXIUwI9RSLqzd19GpOJnbO0hTQg=”);

    /* send the HTTP header for download */
count = send(msg_socket, send_msg, strlen(send_msg),0);

    /* loop to receive order info */
while (count = recv(msg_socket, buf, 2048, 0))
{
  buf[count] = '\0';
  printf("%s",buf); /* since just testing write the order info to the screen */

    /* Here is where you would create a buffer */
    /* containing all the order info */
    /* and then process that information */
}

close(msg_socket);

The getconnection() function creates a socket link to the specified host. Once the socket connection has been established the program will "send" the HTTP header that specifies the CGI to be invoked, the Host and the Authorization which is needed because the CGI is in a oAuth protected web server directory.


ShopSite Help and Resource Center
Last updated: August 21, 2012
Give Feedback


ShopSite Shopping Cart Software