Openprovider allows to customize the e-mails that we send whenever we initiate a transfer. One of the customizable elements is the confirmation page. By setting up your own confirmation page, you can redirect your customers directly from the FOA (Form of Authorization) e-mail to your own portal.
Configuration
First of all, configure your FOA branding and include a Confirmation link to your own website. This confirmation link can be anything, as long as you include the two most important variables:
- %%domain%% is the domain name to be transferred (optional value)
- %%domainId%% is a unique identifier for the domain that is transferred
- %%authCode%% is a security code to prevent abuse
Two examples of a valid URL would then be:
https://www.example.com/transfers/confirm.php?domain=%%domainId%%&domainId=%%domainId%%&authCode=%%authCode%%
https://foa-approve.example.com/%%domainId%%/%%authCode%%/
Handling FOA responses
Basically, your script should call the callback script of Openprovider with the right variables: domainId, authCode and approval. (The variable domain is not used in the call to Openprovider.) The approval variable should contain yes or no:
https://rcp.openprovider.eu/misc.php/domain/transferCallback/?domainId=%%domainId%%&authCode=%%authCode%%&approve=%%approval%%
There are many ways to accomplish this, one of the approaches is written in an example PHP script below. This script displays a very basic form and asks for an approval or reject. Having that answer, it calls the Openprovider server:
<?php
/* requires confirmation URL including
?domainId=%%domainId%%&authCode=%%authCode%%
*/
if (isset($_GET['approval']) && $_GET['domainId'] && $_GET['authCode']) {
$url = 'http://rcp.openprovider.eu/misc.php/domain/transferCallback/'
.'?domainId='.$_GET['domainId']
.'&authCode='.$_GET['authCode']
.'&approve='.$_GET['approval'];
// This command requires allow_url_fopen to be enabled
$response = file_get_contents($url);
// Alternatively, use the PHP CURL functions
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$response = curl_exec($ch);
curl_close ($ch);
// Output the response to the website visitor, or use this response in your own script for a better answer
echo $response;
exit;
}
else if ($_GET['submit']) {
echo 'Not all fields completed<br />';
}
?>
<html>
<head>
<title>Approve transfer</title>
</head>
<body>
<form method="get">
Domain: <input type="text" name="domain" value="<?php echo $_GET['domain']; ?>" /><br />
DomainId: <input type="hidden" name="domainId" value="<?php echo $_GET['domainId']; ?>" /><br />
Code: <input type="text" name="authCode" value="<?php echo $_GET['authCode']; ?>" /><br />
<input type="radio" name="approval" value="yes" <?php if ($_GET['approval'] == 'yes') echo ' checked'; ?> /> Approve
<input type="radio" name="approval" value="no" <?php if ($_GET['approval'] == 'no') echo ' checked'; ?> /> Reject<br />
<input type="submit" name="submit" value="Send" />
</form>
</body>
</html>
There are four possible responses:
- If an approval is successfully processed, the response is:
status=Ok;
message=Domain transfer has been approved. The transfer will now be ordered at the registry. It can take up to 5 days for the transfer to be completed. - If a rejection is successfully processed, the response is:
status=Rejected;
message=Domain transfer has been rejected. - If the request is invalid (expired transfer, wrong domainId or wrong authCode), the response is:
status=Error;
message=No pending transfer can be found; check the e-mail to see if the link did not time-out. If the transfer is still active, check the link in the e-mail and try again. - If an other error occurred, the response is:
status=Error;
message=We were not able to proceed with transfer, because system encountered the following error: An unknown domain error has occurred; for more details, please refer to the registry message below Transfer request failed: 2304, Object status prohibits operation