Friday, May 31, 2013

Using Composer with Laravel 3

I found a well-written PayPal REST API that used Composer. My existing project was in Laravel 3. I wanted to make everything work without hacking all my files to bits. But how?

By modifying 2 files and adding a new "vendor" directory, I was able to use the composer library as part of my Laravel 3 application.

First, add a "vendor" directory to the root project directory. Second, modify /public/index.php with the following lines BEFORE the launch Laravel directive.

// --------------------------------------------------------------
// Autoload composer vendors.
// --------------------------------------------------------------
require path('composer').'autoload.php';

Now we need to add the path reference being used here into paths.php. I put this after public and before the awesome dragon ASCII art.

// --------------------------------------------------------------
// The path to the composer vendors directory.
// --------------------------------------------------------------
$paths['composer'] = 'vendor';

Now you can place your composer.json in your root directory and run composer update on it. That should do it!

Note: Thanks to for laying some ground work, although that solution still had a bug for me.

Monday, May 27, 2013

Finding a Payment Processor / Gateway - Tons of fees and what you have to know first.

Keep Reading

Most likely, you're reading this because you are either considering accepting credit/debit cards or have been looking for a reliable Payment Processor (PP). Here are some things to help prepare you for what’s to come.

You're A Risk

The PP's job is to assess what kind of risk you are before working with you. They do this by putting you into a risk category. These are some of the different factors involved with determining your risk:
  • The sale of digital goods vs tangible goods (if you sell digitally, you're more of a risk)
  • Credit history (if your company doesn't have any, then this falls on you personally, if yours isn't good, that’s a risk)
  • Amount of time your company has been in business.  If you have no payment history or processing history than you will be in a higher risk category.

Have Good Credit?

Good for you! If you don't, you need a cosigner. Find out what portion of the company the co-signer needs to own, if any. Also, chances are you will undergo a "business model check" where they evaluate your business plan and practices. This check could include references to vendors, suppliers, or other sensitive business relationships.

Fees, Fees, and more Fees

When you start looking into choosing a payment processing service, you will start to notice fees. Lots of fees. These are the fees I'm aware of along with why it's charged and my thoughts on it. 

Gateway Usage Fees: You need a gateway but the fees will depend a lot on your situation, generally you can save some or all of these fees by going with a PP that also provides a gateway or has an existing contract with a gateway company. Not all PPs charge for this.

Setup Fees: These are ridiculous fees charges by some PPs to unsuspecting victims. Setting up your account (entering in your info) is already worth their time (especially if you’re in a contract or paying a monthly fee). I strongly suggest not using any processor that won’t waive these fees. Some PPs will say these fees are due to application processing (see Application Fees below). Many PPs do not charge for this.

Gateway Setup Fees: See Setup Fees above.

Merchant Account Setup Fees: See Setup Fees above.

Online Check Processing Setup Fees: See Setup Fees above.

Application Fees: These fees are associated with the work required to process your application, do a background check, evaluate your business, etc. Not all PPs charge for this.

Statement Fees: These are fees assessed for generating your statements each month and possibly mailing them to you. Not all PPs charge for this.

Monthly Fees: Almost all processors will charge a monthly fee to use their service. For example, PayPal will charge you $30 each month for their Pro account. If you are in a contract, you will be required to pay monthly fees throughout the duration of the contract.

Minimum Transaction Fees: This fee is nearly invisible until it becomes a problem. This happens when you don't pay the PP enough money in fees for transactions processed (see Transaction Fees below). For example, if you don't meet a specific total amount (e.g. $25) in fees for the month, they could charge you an additional $25. This is generally always negotiable. If you choose a merchant service provider who charges these fees, get them as low as you can or waived completely. Not all PPs charge for this.

Under Limit Fee: This fee may sometimes be considered the same thing as a Minimum Transaction Fee. This fee is applied when you don't reach a minimum transaction amount in a given period. This fee on average is about 1% - 5%. Not all PPs charge this.

Over Limit Fee: This fee is what is sounds like; a fee applied when you go over your allowed transaction limit in a given period. On average this is about 1%-5%. Not all PPs charge this.

PCI Compliance Fees: These fees are essentially a charge added for the effort required in making the service PCI compliant. Not all PPs charge for this.

Charge-back Fees: These are almost unavoidable. Fortunately, if your doing business ethically and correctly, it shouldn't be much of a problem. Some people might get this confused as a fee for refunding money to your customers (see Refund Fee below), but these are fees associated with when a customer calls the credit card company demanding a payment reversal and their dispute has to be managed.

Charge-back Monitoring Fees: Not sure

Terminal Fees (or Virtual Terminal): Some Merchant Service Providers will add an additional charge to use a terminal service. This is generally a website that allows you to manually type in credit cards for customers who call over the phone or are not in person. Not all PPs charge for this.

Card Issuer Fees: The company who issued the Credit or Debit card (i.e. VISA, AMEX, Discover, etc.) adds a charge to process your payment. Some Processors absorb this cost (PayPal), while others pass it onto you (FastCharge). 

Transaction Fees: All processors will charge a fee per transaction. This may be a flat rate, a percentage of the transaction, or both. Some companies may also have different transaction rates depending on if the customer uses a credit card or debit card. For example, PayPal requires that you pay 2.9% + $0.30 per transaction regardless of the card. Elavon charges 2% per transaction per credit card and 1.6% for a debit card. When you talk to PPs, verify that the quoted transaction fees are for internet-based transactions.

Recurring Billing Fees: These are fees charged for offering a service of recurring billing. For example, PayPal charges an additional $10 per month, whereas FastCharge offers this service as no additional cost. Not all PPs charge for this. 

Batching Fees: You may want to process batches of transactions at the end of the day. Some PPs may add an additional charge for this.

Cancellation Fees: If you happen to enter into a contract, you can expect that you will assess a penalty for ending that contract early. For example, ending a 3-year contract with Elavon early costs you $250.

Payment Transfer Fees: If you want access to your money, you may have to pay for it. Inquire with potential PPs about any payment transfer fees or limitations on how many times you can transfer during a given time period.

Unverified Credit Card Fee: Sometimes processors will require a higher transaction rate if the credit card information provided doesn't include other identifying information like a zip code. Processors like Elavon may charge an additional 1.5-3% to your existing transaction fees.

Dues and Assessments: These may or may not be the same as Transfer Fees. Inquire with your PP about any D&A fees.

Programming Charge: I haven’t been able to get anyone to explain what this charge is for. My theory is that this began with POS terminals and devices. Avoid PPs who charges for this.

Annual Fees: This is a fee you are required to pay annually to be part of their network. Most PPs don’t charge this.

Debit Network Access Fee: You may be required to pay an additional fee for processing debit cards. Ask your potential PP about debit card processing fees. Most PPs don’t charge this.

Address Verification Fee: This is a fee some PPs may charge for using their Address Verification service. Some processors may require this service is used. Not all PPs offer or charge for this or offer this service.

Refund Fee: A small charge rarely charged by PPs when you issue a refund to a client. I would stay away from any company with a refund fee. Not many PPs charge for this.

Funding Fee: I'm not sure what this fee is supposed to be for. But it may be about 1% daily. Not many PPs charge for this.

Periodic Rate Review: Sometimes you will be required to pay a fee to have your rates reviewed and see if you qualify for lower rates and higher limits. Some companies may charge $50 or more to handle your request. Not all PPs charge for this.

Shopping Cart Functionality: This is a provided shopping cart functionality. Some PPs may charge up to $50 each month for this feature. This will be according to your needs and budget. Not all PPs offer this. Some PPs do not charge additional fees for this.

Secure Payment Forms: Not sure. Some PPs may charge up to $30 each month for this service. Not all PPs offer this. Some PPs do not charge additional fees for this.

Tokenization: This service allows for securely storing sensitive data and returning an token to allow utilizing stored data. For example, some processors allow you to securely store credit cards and process on those credit cards without the needing the card present and without allowing that information to be retrieved in plain format from storage. Not all PPs charge for this.

3DES Encryption: 3DES or Triple Data Encryption Standard is a method used for encrypting data stored on PP servers. Not all PPs charge for this.

Proxy Blocking: Known proxies can be used to maliciously attack your site and attempt to cause harm to your billing process. However uncommon, proxy blocking is one way to help alleviate this trouble. This can be provided at an extra cost, or included with your base program.

IP Blocking: IP blocking allows you to protect your service from malicious IP addresses.

CVV/CVV2 Verification: This fee can apply in order for a processor to verify

Advanced Fraud Screening: In the event that someone uses a fraudulent card on your web site, this service will help to prevent this from happening which can reduce ca

Country Blocking: Just as one might want to block IP and Proxys, you can sometimes also choose to block countries.

Sub-accounts / Additional Users: Some processors will add an additional charge if you want to add additional users or sub accounts to your primary account.

Domain Blocking: This is very similar to IP, Proxy, and Country blocking.

Brute Force Prevention: Malicious people online can use scripts to automate attacks against your site and services your site utilizes. Many PPs offer this, some charge additional service fees.

Other Things to Consider

Negotiate: Most of the fees listed are flexible, and (whether they admit it or not) they can be dropped or modified. Don't be shy about pivoting one processor against another. They would much rather have your business and not get all their fees than lose you completely.

Security Reserves: Sometimes companies will require you to keep a certain amount in their account at all times. This amount will be bigger for high risk companies.

Contracts: A lot of processors suggest that you don't get locked into a contract. Elavon offers a standard 3-year contract. Personally, I avoid contracts as it allows the provider to get lazy in their support of my product and their interest in me as a customer.

Restricted Countries: Some PPs only accept payments from people within the United States. Others have a list of specific countries from which they accepts customers or have no restrictions.

Restricted Products: Some companies let you sell only physical products or only intangible products, which can be downloaded or emailed and don't need to be shipped. Others have no restriction on what you can sell through them. 

Fraud Screening Charges: This is generally an optional service which will help prevent fraudulent charges and charge-backs.

Underwriting: Find out if they are using an in-house underwriter or sending it out. This may affect your getting an account.

Credit Checks: Find out when your credit is pulled. They will see what other processors have looked at your credit. The more processors that show up, the higher of a risk you appear.

Approval Time: Find out how long it takes to get approved. Typically, PPs approval time in anywhere from 24-72 hours to 1-3 weeks.

Maximum processing limits per month: Some processors will limit how much money in transactions you can do per month. This is based on your level of risk and your merchant history. For new businesses, it may take up to 2-3 years to establish a good merchant history. (See Over Limit Fees above for more on related fees.)

Micro-payments: If you are planning to handle many small transactions, you will want to look for a provider who allows for Micro-payments. These rates generally are going to save you money in the long run if you have high volume. PayPal offers this option for a transaction rate of $0.05 + 5%.

Alternate payment methods: If you are planning on taking other forms of payment other than credit or debit cards, find out if the processor allows for wire transfer or ACH processing.

Bookkeeping: Find out if their software will integrate with your bookkeeping software. This can make managing finances much easier in the long run.

Development API: You may want to have a programmer integrate your own shopping cart or handle charges in another way. In these cases, you want to make sure your processor has an API available.

Final Note

I am not compensated by any company referenced to on this page either directly or indirectly. Neither am I the authority or official representative of these companies. The prices listed were pulled from the company websites (2013) or explained verbally over the phone. The opinions on this page are purely those of the author and do not reflect any official opinion of CorrLabs, LLC. For exact fee amounts or official reasons for fees, please contact the Payment Processor directly.

Friday, May 17, 2013

XBMC Addon Development - Updated Zip file doesn't update addon issue

While working on an XBMC addon, I got my addon to install properly and then decided to make some changes. I Uninstalled the addon and tried to install the new Zip file but the old addon showed back up and none of my changes existed.

I'm still not sure why I can't upload a new Zip file with an update, but I found a better way to development the addon anyway. By placing the folder with my addon into the {XBMC Install location}/addons folder, I was able to restart XBMC and have my changes take effect immediately.

I hope at some point I can understand why updating via a Zip file wasn't working, but for now, I'm just going to develop in the addons folder. If you know why it wasn't working, leave a comment below!

Thursday, May 16, 2013

XBMC: ERROR: Unable to create application. Exiting - Fix On Windows 7

In my spare time I've been writing a python script addon for XBMC. While developing I was tailing the log file, but trying to restart the application, I got the following error message:

ERROR: Unable to create application. Exiting

It turned out that for me, this error was caused by keeping the tail open on the log file when trying to restart the XBMC application. Closing the tail and reopening each time I launched the application made the application launch correctly. If you're not using a tail, the same error may occur when files used by XBMC are locked or being accesses by left over threads or other applications.

Wednesday, May 15, 2013

Laravel 3: Unlimited routing arguments

I was working on a project in Laravel when I realized I really wanted to have 1 route rule for a specific controller but be able to allow a lot of different arguments.

I found that I could use func_get_args() in conjunction with the static Controller::call() method to handle an unlimited number of arguments to the receiving controller method.

Route::any('users/(:any?)/(:any?)/(:any?)', array(
        'as' => 'users', 
            $args = func_get_args();
            if (empty($args)){
                $action = 'index';
                $action = array_shift($args);
            return Controller::call("users@{$action}", $args);

There is one caveat to this solution, and that is that you have to specify all the possible captures in the Route URL rule although extra captures are ignored.

Thursday, May 2, 2013

Adobe AIR: Getting HTML Source on MX HTML Component

I decided to write a tool that would aggregate data from web sites as one surfs the web, kind of like a browser with some extra functionality. It soon became apparent that the <mx:HTML> component didn't have a simple "source" property where I could see all the HTML from the website.

It turned out to be a simple task. The HTML component has a property which allows you to access the HTMLLoader object associated with the component. The HTMLLoader object has direct DOM access using Psuedo DOM objects (basically basic objects with a couple preset properties called Nodes and NodeLists). Many of the JavaScript dom functions exist in this representation and will work just fine.

For example:

Using the last one along with the innerHTML property, we can get the source of the body element.


I'm sure you could get the entire document source if you wanted to examine the page head, etc. But these weren't useful for me.

Good luck!