rdcVSoft_8i_source.html

<?php
/*
 * 7/15/2019
 * Updated from Mammoth - By Erin
 *
 * 2/6/2019
 * Vsoft presented new specs for Parthenon. Specs changed some.  Sent this email
 * Date: February 6, 2019 at 12:06:27 PM MST
 * To: ishwar.viswanathan@vsoftcorp.com
 * Cc:  Jeff Mowery <jeff.mowery@vsoftcorp.com>,
 *      Rod Hamilton <rod.hamilton@vsoftcorp.com>,
 *      Buddy Heywood <buddy@homecu.com>
 *
 * We currently have 4 other clients using Vsoft mobile deposit, all of whom are
 * using the older 1.5 / 1.9 version.  These 4 clients are connecting to
 * https://saas5.deposit2day.com/ValidationService.Base1/VSoftRemoteSvc.asmx for
 * processing. In addition we have another client currently gearing up to use
 * the product, currently in test mode.  That client uses URL
 * https://scbc1.creditunionimages.com/ValidationService/VSoftRemoteSvc.asmx
 * which appears to be the older version as well.
 *
 * Our current product was originally coded for version 1.5.  We updated for
 * version 1.9, but at the time we did that 1.9 was in QA rather than full
 * production.  As a result, our product does not use the transaction history
 * calls which were added between 1.5 and 1.9.  The new specs are version 6.0.9.
 * The version history indicates a change to the format for Amount and Account
 * number, as well as some new calls.
 *
 * The change to the format for Amount concerns me.  We are currently passing
 * the dollar amount of the check formatted as currency with a decimal. The
 * updated specs note that the amount should be stated in cents instead.  While
 * that is a reasonably easy change with regard to programming, I need to be
 * careful not to disrupt the existing clients. Because of that, I intend to
 * make the amount format a configurable setting so that existing clients can
 * continue to do what they do and this new client can use the updated specs.
 *
 * Also, the WSDL file provided during our initial coding for versions 1.5 / 1.9
 * included an XML tag <ReturnImage> defined as boolean in the ?Process Request?
 * call. This tag was not in any of the printed documentation, but was marked as
 * required in the WSDL, so we pass it along with a value of false.  Will the
 * new version tolerate the presence of this tag? Will removing it be a problem
 * for the existing clients using the older version?  I will probably tie that
 * to the same configuration option controlling the amount format to minimize
 * the impact for existing clients.
 *
 * After the email, realized:
 *  PFFCU merged w/someone and abandoned the RDC implementation, never went live
 *  DTCU, JAFCU, SONOMA hit saas5.deposit2day URL
 *  FLCCU is testing, hits scbc1.creditunionimages URL
 *  PARTH is to hit vantage-consumermobile-uat.vsoft-us.com
 *
 *  * Coding changes today (Feb 2019) include:
 * Don't try to recycle curdcstatus records.  Just build a new one
 * Don't save terms doc in vendor info array. Pass as localTerms
 * Clean up logging so check images are not stuffed in db
 *
 * Note that following changes were backed out since VSoft indicated
 * differences are backward-compatible
 * Use trustedDetail parms['APIVersion'] to indicate Vsoft version.
 *          Default to version 1, mark as 6 if applicable
 *          Adjust Process call to fix XML based on APIVersion
 */

function RDCconfig($dbh, &$parms) {
  $parms['pilot'] = (!isset($parms['pilot']) ? 0 : $parms['pilot']);
  $parms['serviceurl'] = ($parms['pilot'] == 0 ? $parms['prodURL'] : $parms['pilotURL']);
  $parms['acctttl'] = (!isset($parms['acctttl']) ? 'Select account' : $parms['acctttl']);
  $parms['descttl'] = (!isset($parms['descttl']) ? 'Description' : $parms['descttl']);
}

/**
 * requires: $parms['Cu']
 *           $parms['rdcvendor']
 * Additional values rdcvendor retrieved and decoded from cutrusteddetail
 * returns:
 */
function RDCauth($dbh, $HB_ENV, $MC, $parms) {
  // assume we are going to succeed...
  $return['status']['response'] = 'true';
  $return['status']['code'] = '000';
  $return['status']['message'] = 'Success';
  $localTerms = '';

  try {
    $parms['Fset2'] = $HB_ENV['Fset2']; // HB_ENV
    $hculist = RDCGetAccts($dbh, $parms);

    if ($hculist['status']['response'] == 'false') {
      throw new Exception($hculist['status']['message'], $hculist['status']['code']);
    }

    if ($hculist['status']['response'] == 'false') {
      // return error
      throw new Exception($hculist['status']['message'], $hculist['status']['code']);
    }

    // got a valid RDC account list
    // Vsoft uses cuusers.depositlimit as vsoft profile ID
    // if $parms['HomeCUAuth'] is set, zero means member not authorized
    // otherwise, zero means use default profileID from trusteddetail record

    $mbr_rdc = Get_RDCSetting($dbh, $HB_ENV, $parms['rdcvendor'], $parms['MBRACCT']);


    if ($mbr_rdc['status']['code'] != '000') {
      $dl = 0;
    } else {
      $dl = abs(intval(HCU_array_key_value('rdcsetting', $mbr_rdc)));
    }

    if ($parms['HomeCUAuth']) {
      // pre-authorizing through HomeCU, retrieve the member rdc setting
      if ($dl == 0) {
        $HB_Notices_ary = Get_NoticeInfo($dbh, $HB_ENV, $MC, 'M', "mblNoRDC", true);

        if ($HB_Notices_ary['status']['code'] == '000' && isset($HB_Notices_ary["notice"][0])) {
          $noticeData = $HB_Notices_ary["notice"][0]["notice_text"];
        } else {
          $noticeData = "";
        }
        if (strlen($noticeData)) {
          $message = $noticeData;
          $code = 111;
        } else {
          $message = "Account not permitted for Remote Deposit.  Please contact the Credit Union for more information";
          $code = 110;
        }
        throw new Exception($message, $code);
      }
    } else {

      // Not authorizing thru HCU, everybody swims,
      // use default profileID if depositlimit not set

      // First, get a default profileID from $parms if there is one
      $pro = abs(intval(HCU_array_key_value('profileID', $parms)));

      // If $dl (retrieved from member deposit limit setting) is zero, use $pro
      $dl = ($dl == 0 ? $pro : $dl);
    }


    $parms['depositlimit'] = abs(intval($dl));
    // Just get a new deposit record every time.  Not tied
    // to shared branching, so no cost implication for client?
    $newrec = 1;
    $rdcterms = array();
    $parms['rdcstatus'] = 'S';

    if (HCU_array_key_value('HomeCUterms', $parms)) {
      $rdcterms = hcuGetRDCterms($dbh, $HB_ENV, $MC);
      if ($rdcterms['status']['response'] == 'false') {
        $e = "HCU GetTerms call failed ({$rdcterms['status']['code']} {$rdcterms['status']['message']}";
        throw new Exception($e, 301);
      }
      if ($rdcterms['data']['notice_popup'] == 1) {
        $parms['rdcstatus'] = 'T';
      } else {
        $rdcterms = array();
        $parms['rdcstatus'] = 'S';
      }
      $localTerms = HCU_array_key_value('terms', $rdcterms['data']);
    }

    // $rdcresult = array();
    // get account list from HomeCU
    $return = RDCPresentAccounts($parms, $hculist, $rdcterms);
    if ($return['status']['response'] == 'false') {
      // error send fail
      throw new Exception($return['status']['message'], $return['status']['code']);
    }

    $parms['vendorinfo'] = array(
      "Vendortime" => mktime(),
      "userAgent" => $_SERVER['HTTP_USER_AGENT'],
      "userIP" => $_SERVER['REMOTE_ADDR'],
      "accounts" => $return['data']['accounts'],
      "depositlimit" => intval($dl)
    );

    if ($newrec) {
      // start curdc record, return depositid as part of result
      $depostat = curdc_start($dbh, $parms);
      if ($depostat['status']['response'] == 'false') {
        // error send fail
        throw new Exception('HomeCU Start Deposit Failed', 200);
      }
      $parms['depositid'] = $depostat['data']['depositid'];
    }
    $return['data']['depositid'] = $parms['depositid'];
    $return['data']['accounts'] = $parms['vendorinfo']['accounts'];
    $return['data']['terms'] = $localTerms;

    $depostat = curdc_setvinfo($dbh, array(
      'Cu' => $parms['Cu'], 'depositid' => $parms['depositid'],
      'vendorinfo' => json_encode($parms['vendorinfo'])
    ));
    if ($depostat['status']['response'] == 'false') {
      // error send fail
      throw new Exception($depostat['status']['message'], $depostat['status']['code']);
    }
  } catch (Exception $e) {
    $return['status']['response'] = 'false';
    $return['status']['code'] = $e->getCode();
    $return['status']['message'] = "(" . $e->getLine() . ") " . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8', FALSE);
  }
  return $return;
}

/**
 * requires: $parms['Cu']
 * $parms['depositid']
 * Additional values retrieved and decoded from cutrusteddetail
 * or from curdcstatus record using depositid as key
 */
function RDCaccept($dbh, $HB_ENV, $MC, $parms) {
  // assume we are going to succeed...
  $return['status']['response'] = 'true';
  $return['status']['code'] = '000';
  $return['status']['message'] = 'Success';

  try {
    if (!isset($parms['Cu']) || !isset($parms['depositid'])) {
      throw new Exception('Missing Parameters', 100);
    }
    // look up depositid
    // decode vendorinfo
    $depo = curdc_read($dbh, $parms);
    if ($depo['status']['response'] == 'false') {
      throw new Exception('HomeCU DepositID not found', 205);
    }

    // look up rdcTerms doc and then update to show acceptance
    // get any notice text
    $noticeInfo = Get_NoticeInfo($dbh, $HB_ENV, $MC, "P", "rdcTerms", false);
    if ($noticeInfo["status"]["code"] == "000" && sizeof($noticeInfo['notice']) && intval($noticeInfo['notice'][0]['notice_id']) > 0) {
      // action P post so set up the HCUPOST array
      $HB_ENV['HCUPOST']['notice_id'] = $noticeInfo['notice'][0]['notice_id'];
      $HB_ENV['HCUPOST']['notice_type'] = $noticeInfo['notice'][0]['notice_type'];
      $HB_ENV['HCUPOST']['notice_device'] = 'P';
      $HB_ENV["HCUPOST"]['notice_response'] = array("answer" => 1);    // something non-zero but numeric
      // not sure if the next two are needed
      $HB_ENV["HCUPOST"]['notice_cancel'] = "0";
      $HB_ENV['HCUPOST']['notice_msg_show'] = 1;
      $noticeUpd = Update_NoticeInfo($dbh, $HB_ENV, $MC);

      $return['status']['message'] = 'Accept Terms OK';
      $vendorinfo = $depo['vendorinfo'];
      $vendorinfo['terms'] = '';
      $vendorinfo['Vendortime'] = mktime();
      $parms['vendorinfo'] = $vendorinfo;
    }

    // update curdcstatus record
    $parms['rdcstatus'] = 'O';
    // need setvinfo to update Vendortime, let setvinfo also set new status -- only one call required
    $depostat = curdc_setvinfo($dbh, array(
      'Cu' => $parms['Cu'], 'depositid' => $parms['depositid'],
      'rdcstatus' => $parms['rdcstatus'], 'vendorinfo' => json_encode($parms['vendorinfo'])
    ));
    if ($depostat['status']['response'] == 'false') {
      // error send fail
      throw new Exception($depostat['status']['message'], $depostat['status']['code']);
    }
  } catch (Exception $e) {
    $return['status']['response'] = 'false';
    $return['status']['code'] = $e->getCode();
    $return['status']['message'] = "(" . $e->getLine() . ") " . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8', FALSE);
  }
  return $return;
}

/**
 * requires: $parms['Cu']
 * $parms['depositid']
 * Additional values retrieved and decoded from cutrusteddetail
 * or from curdcstatus record using depositid as key
 *
 */
function RDChistorylist($dbh, $parms) {
  // assume we are going to succeed...
  $return['status']['response'] = 'true';
  $return['status']['code'] = '000';
  $return['status']['message'] = 'Success';

  try {
    if (!isset($parms['Cu']) || !isset($parms['depositid'])) {
      throw new Exception('Missing Parameters', 100);
    }
    // look up depositid
    // decode vendorinfo
    $depo = curdc_read($dbh, $parms);
    if ($depo['status']['response'] == 'false') {
      throw new Exception("HomeCU DepositID not found [{$parms['depositid']}]", 205);
    }

    $rdcresult = vsoftHistory($parms);
    // check return values for error
    if ($rdcresult['status']['response'] == 'false') {
      throw new Exception('Vsoft History call failed ' . $rdcresult['status']['message'], 305);
    }

    //pulling from our records instead of from vendor
    // $return['response'] = $rdcresult;
    $return['status']['message'] = 'Vsoft History List OK';
    // $vendorinfo = $depo['vendorinfo'];
    $vendorinfo['Vendortime'] = mktime();
    $parms['vendorinfo'] = $vendorinfo;

    // update curdcstatus record

    $depostat = curdc_setvinfo($dbh, array(
      'Cu' => $parms['Cu'], 'depositid' => $parms['depositid'],
      'vendorinfo' => json_encode($parms['vendorinfo'])
    ));
    if ($depostat['status']['response'] == 'false') {
      // error send fail
      throw new Exception($depostat['status']['message'], $depostat['status']['code']);
    }
    $return['data']['TransactionList'] = $rdcresult['data'];
    $return['data']['rdcvendor'] = $depo['data']['rdcvendor'];
  } catch (Exception $e) {
    $return['status']['response'] = 'false';
    $return['status']['code'] = $e->getCode();
    $return['status']['message'] = "(" . $e->getLine() . ") " . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8', FALSE);
  }
  return $return;
}

/**
 * coded for Ensenta only?
 * requires: $parms['Cu']
 * $parms['transactionid']
 * Additional values retrieved and decoded from cutrusteddetail
 * or from curdcstatus record using depositid as key
 */
function RDChistorydetl($dbh, $parms) {
  // assume we are going to succeed...
  $return['status']['response'] = 'true';
  $return['status']['code'] = '000';
  $return['status']['message'] = 'Success';

  try {
    if (!isset($parms['Cu']) || !isset($parms['transactionid']) || !isset($parms['depositid'])) {
      throw new Exception('Missing Parameters', 100);
    }
    // look up depositid
    // decode vendorinfo
    $depo = curdc_read($dbh, $parms);
    if ($depo['status']['response'] == 'false') {
      throw new Exception('HomeCU DepositID not found', 205);
    }
    // update curdcstatus record
    $depostat = curdc_setvinfo($dbh, array(
      'Cu' => $parms['Cu'], 'depositid' => $parms['depositid'],
      'vendorinfo' => json_encode($parms['vendorinfo'])
    ));
    if ($depostat['status']['response'] == 'false') {
      // error send fail
      throw new Exception($depostat['status']['message'], $depostat['status']['code']);
    }
    $return['data'] = $rdcresult['data'];
  } catch (Exception $e) {
    $return['status']['response'] = 'false';
    $return['status']['code'] = $e->getCode();
    $return['status']['message'] = "(" . $e->getLine() . ") " . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8', FALSE);
  }
  return $return;
}

/**
 * requires: $parms['Cu']
 * $parms['depositid']
 * $parms['amount']
 * $parms['acctid']
 * $parms['rdcacctid']
 * Additional values retrieved and decoded from cutrusteddetail
 * or from curdcstatus record using depositid as key
 */
function RDCdeposit($dbh, $parms) {
  // assume we are going to succeed...
  $return['status']['response'] = 'true';
  $return['status']['message'] = 'Success';
  $return['status']['code'] = '000';
  try {

    $parms['SessionId'] = time();

    if (
      !isset($parms['Cu']) || !isset($parms['depositid']) ||
      !isset($parms['amount']) || !isset($parms['acctid'])
    ) {
      throw new Exception('Missing Parameters', 100);
    }
    /*
         * need to use $parms['acctid'] to retrieve info about receiving account
         * get from vendorinfo[accounts] stored in deposit record, as that includes
         * vendor-returned info
         */

    // look up depositid
    $depo = curdc_read($dbh, $parms);
    if ($depo['status']['response'] == 'false') {
      throw new Exception('HomeCU DepositID not found', 205);
    }
    $fail = '';
    switch ($depo['data']['status']) {
      case 'T':
        $fail = 'Must accept terms of use before depositing funds';
        break;
      case 'R':
        $fail = 'Deposit has been rejected';
        break;
      case 'C':
        $fail = 'Deposit already completed';
        break;
      case 'B':
      case 'F':
        if (!isset($parms['POSTAWAY'])) {
          $fail = 'Deposit requires override confirmation';
        }
        break;
    }
    if ("$fail" != '') {
      throw new Exception($fail, 229);
    }
    if (is_null($depo['data']['frontpath']) || is_null($depo['data']['backpath']) || !getimagesize($depo['data']['frontpath']) || !getimagesize($depo['data']['backpath'])) {
      throw new Exception('Check Images not found', 220);
    }
    $vendorinfo = $depo['data']['vendorinfo'];

    // Store amount, selected account in curdcstatus table
    $depostat = curdc_update($dbh, array(
      'Cu' => $parms['Cu'], 'depositid' => $parms['depositid'],
      'amount' => $parms['amount'], 'acctid' => $parms['acctid']
    ));
    if ($depostat['status']['response'] == 'false') {
      throw new Exception('HomeCU Update Deposit Amount Failed', 225);
    }

    $acctid = $parms['acctid'];
    $hculist = RDCGetAccts($dbh, $parms, $acctid);

    if ($hculist['status']['response'] !== 'true') {
      throw new Exception('Invalid Deposit Account', 230);
    }
    $parms['depositlimit'] = $vendorinfo['depositlimit'];
    $parms['depositAcct'] = $hculist['data'][$acctid]['suffix'];
    switch ($hculist['data'][$acctid]['rdctype']) {
      case 0:
        $parms['depositType'] = 3;
        break;
      case 1:
        $parms['depositType'] = 1;
        break;
      default:
        $parms['depositType'] = 2;
        break;
    }

    /* vsoftStartTran needs these things filled in...
         *
         * $parms['InstID']
         * $parms['serviceurl']
         * $parms['Cn']
         * $parms['depositAcct'] # suffix
         * $parms['depositType'] #1=checking  2=gl 3=savings
         * $parms['depositlimit']
         *
         */

    $vsofttran = vsoftStartTran($parms);

    if ($vsofttran['status']['response'] !== 'true') {
      throw new Exception('Start Session failed' . $vsofttran['status']['message'], 231);
    }


    /* vsoftProcess needs these things filled in...
         *
         * $parms['SessionId']
         * $parms['serviceurl']
         * $parms['amount']
         * $parms['FrontImage']
         * $parms['RearImage']
         *
         */
    $parms['SessionId'] = $vsofttran['data']['SessionId'];
    $parms['FrontImage'] = base64_encode(file_get_contents($depo['data']['frontpath']));
    $parms['RearImage'] = base64_encode(file_get_contents($depo['data']['backpath']));
    $rdcresult = vsoftProcess($parms);

    if ($rdcresult['status']['response'] == 'false') {
      throw new Exception('Deposit failed ' . $rdcresult['status']['message'], 243);
    }


    // check return values for error
    if ($rdcresult['data']['ReturnValue'] !== 'true') {
      # process was rejected - figure out why
      $rejectfor = "{$rdcresult['data']['ErrorCode']} - {$rdcresult['data']['ErrorDesc']}";
      $parms['rdcstatus'] = 'R';
      $vendorinfo['Vendortime'] = mktime();
      $vendorinfo['DepositStatus'] = $rejectfor;
      $vendorinfo['DepositTime'] = date('YmdHis');
      $depostat = curdc_setvinfo($dbh, array(
        'Cu' => $parms['Cu'], 'depositid' => $parms['depositid'],
        'rdcstatus' => $parms['rdcstatus'], 'vendorinfo' => json_encode($vendorinfo)
      ));
      throw new Exception("Deposit Rejected: $rejectfor", 241);
    } else {
      // call vsoftACK to confirm deposit & show error if it fails
      $parms['ReturnValue'] = 1; // complete transaction
      $rdcresult = vsoftAck($parms);
      if ($rdcresult['status']['response'] !== 'true' || $rdcresult['data']['ReturnValue'] !== 'true') {
        if ($rdcresult['status']['response'] !== 'true') {
          $rejectfor = $rdcresult['status']['message'];
        } else {
          $rejectfor = "{$rdcresult['data']['ErrorCode']} - {$rdcresult['data']['ErrorDesc']}";
        }

        $parms['rdcstatus'] = 'R';
        $vendorinfo['Vendortime'] = mktime();
        $vendorinfo['DepositStatus'] = "VsoftACK failed: $rejectfor";
        $vendorinfo['DepositTime'] = date('YmdHis');
        $depostat = curdc_setvinfo($dbh, array(
          'Cu' => $parms['Cu'], 'depositid' => $parms['depositid'],
          'rdcstatus' => $parms['rdcstatus'], 'vendorinfo' => json_encode($vendorinfo)
        ));

        throw new Exception("{$rdcresult['data']['ErrorCode']} - {$rdcresult['data']['ErrorDesc']}", 231);
      }
      $parms['rdcstatus'] = 'C';
      $vendorinfo['Vendortime'] = mktime();
      $vendorinfo['DepositStatus'] = "Complete";
      $vendorinfo['TransactionReceiptNumber'] = $rdcresult['data']['ConfirmationId'];
      $vendorinfo['TransactionDateTime'] = date('c');
      $depostat = curdc_setvinfo($dbh, array(
        'Cu' => $parms['Cu'], 'depositid' => $parms['depositid'], 'frontaccept' => 'Y',
        'backaccept' => 'Y', 'rdcstatus' => $parms['rdcstatus'], 'vendorinfo' => json_encode($vendorinfo)
      ));
      if ($depostat['status']['response'] == 'false') {
        throw new Exception('HomeCU Update Vendorinfo Failed', 240);
      }
      $return['status']['response'] = 'true';
      $return['status']['message'] = 'Vsoft Deposit Complete';
      // this returns everything from Ensenta, but that will be a problem if we add other vendors
      // pick a list of stuff to return and be consistent for everyone?
      $return['data'] = $rdcresult['data'];
      $return['data']['depositid'] = $parms['depositid'];
      $return['data']['rdcstatus'] = $parms['rdcstatus'];
      // use the Ensenta names for values the apps look for --
      $return['data']['TransactionReceiptNumber'] = $rdcresult['data']['ConfirmationId'];
      $return['data']['TransactionDateTime'] = date('c');
      $return['data']['MaskedAccountholderNumber'] = $vendorinfo['accounts'][$acctid]['suffix'];

      $hcumessage = "Your deposit request for account {$vendorinfo['accounts'][$acctid]['suffix']} has been received";
      $hcumessage .= ". Your confirmation number is '{$rdcresult['data']['ConfirmationId']}'. ";
      $hcumessage .= "Please save this number and refer to it if you need to contact the credit union regarding this transaction. ";

      $return['data']['HCUReceiptMessage'] = $hcumessage;
    }
  } catch (Exception $e) {
    $return['status']['response'] = 'false';
    $return['status']['code'] = $e->getCode();
    $return['status']['message'] = "(" . $e->getLine() . ") " . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8', FALSE);
  }
  return $return;
}

function RDCGetAccts($dbh, $parms, $Acctid = "") {
  $AcctList = array();

  if (!isset($parms['Cu']) || !isset($parms['Cn'])) {
    $AcctList['status']['response'] = 'false';
    $AcctList['status']['code'] = '910';
    $AcctList['status']['message'] = 'Missing RDC Account Parameters'; // RDCGetAccts missing Cu/Cn

    return ($AcctList);
  }

  $Cu = $parms['Cu'];
  // $Cn = $parms['Cn'];
  $Cn = $parms['MBRACCT'];
  $Fset2 = $parms['Fset2'];
  $balwhere = $parms['balwhere'];
  $lnwhere = $parms['lnwhere'];

  // default allow deposit, loan pmt, credit card pmt
  $rtxn = (sizeof($parms['rtxn']) == 0 ?
    array('AT' => 1, 'LP' => 1, 'CP' => 1) : json_decode($parms['rtxn'], TRUE));
  $savingsql = (!isset($parms['savingsql']) ?
    "trim(accounttype)" : $parms['savingsql']);
  $draftsql = (!isset($parms['draftsql']) ?
    "trim(accounttype)" : $parms['draftsql']);
  $loansql = (!isset($parms['loansql']) ?
    "trim(loannumber)" : $parms['loansql']);
  $mbrsql = (!isset($parms['mbrsql']) ?
    "trim(accountnumber)" : $parms['mbrsql']);

  // fetch transactions types
  $sql = "select ht.trancode, trim(t.trandesc), trim(ht.cudesc), t.specialproc
               from cutrans t, cuhavetrans ht
              where ht.cu='$Cu'
              and ht.trancode = t.trancode\n";

  $sth = db_query($sql, $dbh);
  //
  // Return a line for each allowed transaction type.
  //
  $txncodes = array();
  for ($row = 0; list($code, $desc, $cudesc, $spec) = db_fetch_array($sth, $row); $row++) {
    $txncodes{
      $code} = array($desc, $spec, $cudesc);
  }
  db_free_result($sth);

  $sql = "";
  $verb = "";

  // 1/23/2018
  // The *_rdctype parms don't appear to be used by VSoft at this time. (VSoft
  // TrustedMaster doesn't define these parms.)  Changed to uppercase leading letter
  // to be consistent with Bluepoint, TranzCap, and Digiliti.  Ensenta is an oddball
  $sv_rdctype = (!isset($parms['Sv_rdctype']) ? '0' : $parms['Sv_rdctype']);
  $ck_rdctype = (!isset($parms['Ck_rdctype']) ? '1' : $parms['Ck_rdctype']);
  $ln_rdctype = (!isset($parms['Ln_rdctype']) ? '128' : $parms['Ln_rdctype']);
  // str_word_count code was trying to:
  // if the rdctype is all digits, leave it plain else wrap in single quotes for Postgres
  // but didn't work as expected. VSoft doesn't even use the *_rdctype parameters
  // probably should remove this, but will need testing to make sure nothing breaks.
  $sv_rdctype = (str_word_count($sv_rdctype, 0, '0123456789') > 1 ? $sv_rdctype : "'$sv_rdctype'");
  $ck_rdctype = (str_word_count($ck_rdctype, 0, '0123456789') > 1 ? $ck_rdctype : "'$ck_rdctype'");
  $ln_rdctype = (str_word_count($ln_rdctype, 0, '0123456789') > 1 ? $ln_rdctype : "'$ln_rdctype'");

  // find out how many valid accounts the member has:

  if (HCU_array_key_exists('AT', $txncodes) && HCU_array_key_exists('AT', $rtxn)) {
    // $txncodes is configured list @HCU - $rtxn is allowed list for RDC
    // rdctype 0 Savings, 1 Checking, 128 Installment Loan, 64 Credit Card
    // NOTE: using 128 as no way to distinguish 32 Line-of-Credit or 256 Mortgage

    $sql = "SELECT 'D' as tbl,
                    $mbrsql as rdcmember, trim(description) as desc,
                    trim(accounttype) as accounttype, $savingsql as suffix, certnumber as cert,
                    $sv_rdctype as rdctype, 'SAVINGS ACCOUNT' as rdcdesc
                    FROM ${Cu}accountbalance
                    WHERE accountnumber = '$Cn' $balwhere
          AND upper(deposittype) in ('S','N')
                    UNION
                    SELECT 'D', $mbrsql as rdcmember,
                    trim(description), trim(accounttype), $draftsql,
                    certnumber, $ck_rdctype, 'CHECKING ACCOUNT'
                    FROM ${Cu}accountbalance
                    WHERE accountnumber = '$Cn' $balwhere
          AND upper(deposittype) = 'Y' ";

    $verb = " UNION ";
  }

  if (HCU_array_key_exists('LP', $txncodes) && HCU_array_key_exists('LP', $rtxn)) {

    $sql .= "$verb
                    SELECT 'L', $mbrsql as rdcmember, trim(description),
                    trim(loannumber), $loansql,'0', $ln_rdctype, 'LOAN'
                    FROM ${Cu}loanbalance
                    WHERE accountnumber = '$Cn' $lnwhere
                    AND currentbalance >0 ";
    if (($Fset2 & $CU2_SPEC18) == $CU2_SPEC18) {
      $sql .= " and (type <> '18' or type is null) ";
      if ($rtxn{"CP"}) {
        $sql .= "UNION
                    SELECT 'C', $mbrsql as rdcmember, trim(description),
                    trim(loannumber), $loansql, '0', $ln_rdctype, 'CREDIT CARD'
                    FROM ${Cu}loanbalance
                    WHERE accountnumber = '$Cn' $lnwhere
          AND type = '18' ";
        if (($Fset2 & $CU2_CC18SHOWZERO) != $CU2_CC18SHOWZERO) {
          $sql .= " and currentbalance > 0 ";
        }
      }
    }
  }
  $sql .= " order by 5,2,3";
  $acct_rs = db_query($sql, $dbh);

  if (db_num_rows($acct_rs) == 0) {
    $AcctList['status']['response'] = 'false';
    $AcctList['status']['code'] = '920';
    $AcctList['status']['message'] = htmlspecialchars('No Eligible RDC <test>Accounts', ENT_QUOTES, 'UTF-8', FALSE); // RDCGetAccts no valid accounts
    $AcctList['status']['sql'] = $sql;
  } else {

    $AcctList['status']['response'] = 'true';
    $AcctList['status']['code'] = '000';
    $AcctList['status']['message'] = 'Success';
    for ($row = 0; $drow = db_fetch_array($acct_rs, $row); $row++) {
      $tbl = $drow['tbl'];
      $desc = $drow['desc'];
      $accounttype = $drow['accounttype'];
      $suffix = $drow['suffix'];
      $cert = $drow['cert'];
      $rdctype = $drow['rdctype'];
      switch ($rdctype) {
        case '0':
          $rdcdesc = 'Savings';
          break;
        case '1':
          $rdcdesc = 'Checking';
          break;
        case '64':
          $rdcdesc = 'CreditCard';
          break;
        case '128':
          $rdcdesc = 'Loan';
          break;
        default:
          $rdcdesc = 'Savings';
          break;
      }
      $rdcmember = $drow['rdcmember'];
      if (strpos($accounttype, "@")) {
        list($jtype, $jacct) = explode("@", $accounttype);
        $trust = 'joint';
      } else {
        $jtype = $accounttype;
        $jacct = $Cn;
        $trust = 'primary';
      }
      $tokn = sha1("${Cn}${accounttype}${Cu}${rdctype}obl1vi0u5");

      //$AcctList['data']["$tbl|$Cn|$accounttype|$cert"][micraccount]=$drow['micraccount'];

      $desc = ($desc == '' ? '_' : "$desc - $accounttype");
      $desc = htmlspecialchars($desc, ENT_QUOTES, 'UTF-8', FALSE);
      $displaydesc = ($cert == 0 ? "{$drow['desc']} - $accounttype" : "{$drow['desc']} # $cert - $accounttype");
      $displaydesc = htmlspecialchars($displaydesc, ENT_QUOTES, 'UTF-8', FALSE);

      $Accts["$tbl|$jacct|$jtype|$cert"]['accounttype'] = $accounttype;
      $Accts["$tbl|$jacct|$jtype|$cert"]['suffix'] = $suffix;
      $Accts["$tbl|$jacct|$jtype|$cert"]['certnumber'] = $cert;
      $Accts["$tbl|$jacct|$jtype|$cert"]['acctclass'] = $tbl;
      $Accts["$tbl|$jacct|$jtype|$cert"]['description'] = $desc;
      $Accts["$tbl|$jacct|$jtype|$cert"]['tokn'] = "$tokn";
      $Accts["$tbl|$jacct|$jtype|$cert"]['member'] = "$Cn";
      $Accts["$tbl|$jacct|$jtype|$cert"]['tomember'] = "$Cn";
      $Accts["$tbl|$jacct|$jtype|$cert"]['trust'] = "$trust";
      $Accts["$tbl|$jacct|$jtype|$cert"]['displaydesc'] = "$displaydesc";
      $Accts["$tbl|$jacct|$jtype|$cert"]['rdctype'] = $rdctype;
      $Accts["$tbl|$jacct|$jtype|$cert"]['rdcdesc'] = $rdcdesc;
      $Accts["$tbl|$jacct|$jtype|$cert"]['rdcmember'] = $rdcmember;
    }
  }
  if (!empty($Acctid)) {
    // got an account identifier - return one only
    $AcctList['data'][$Acctid] = $Accts[$Acctid];
  } else {
    $AcctList['data'] = $Accts;
  }

  return ($AcctList);
}

/**
 *
 * @param array $parms
 * @param array $hculist
 *          valid RDC accounts on record at HomeCU
 * @param type $rdcsent
 *          valid RDC accounts returned from vendor
 * @param type $rdcterms
 *          terms of use returned from vendor
 * @return array
 *  ['data'][accounts] list of valid accounts
 * each entry looks like this:
 *                    [D|666665|50|0] => Array
  (
  ['suffix'] => 50
  ['certnumber'] => 0
  ['acctclass'] => D
  ['description'] => REGULAR SHARES - 50
  ['tokn'] => a9a525ac33035b7c3845809443c5eed626297e0f
  ['member'] => 666665
  ['tomember'] => 666665
  ['trust'] => primary
  ['displaydesc'] => REGULAR SHARES - 50
  ['rdctype'] => 0
  ['rdcdesc'] =>
  ['RDCAcctId'] => 1
  )
 * Note that for Ensenta we pass a list of accounts on the 'start session' call
 * if the client uses shared branching, Ensenta returns list of shared branching
 * accounts, or if batch they return the same list we sent.
 * We need to parse through the list they send to record the account identifier
 * they will recognize & which we are required to use when making the deposit.
 *
 *  ['data'][terms] terms of use (if any) returned from rdc vendor
 *  ['data'] array also contains any values returned from rdc vendor on
 *              start session call.  For Ensenta, these include:
 *           [ResponseCode] => 00
 *           [SessionStateId] => 55121227-e3ea-4524-8e34-dec9b199a3f3
 *           [IsTermsAcceptanceRequired] => false
 *           [IsBlackListed] => false
 *           [ReceiptEmail] =>
 *           [accounts] => Array
 *
 */
function RDCPresentAccounts($parms, $hculist, $rdcterms) {
  // build array list to send to app
  // include depositid
  // include terms to be accepted if they are provided
  // include labels acctttl, descttl
  // $pass_along = $rdcsent; # GetReviewLimits result
  $pass_along['data']['accounts'] = $hculist['data'];
  // Vsoft doesn't filter accounts, just pass what we got from DB
  // Vsoft doesn't serve terms 12/5/2014 but in case HCU can server them...
  if (sizeof($rdcterms) > 0)
    $pass_along['data']['terms'] = $rdcterms['data']['terms'];
  $pass_along['status']['response'] = 'true';
  $pass_along['status']['code'] = '000';
  $pass_along['status']['message'] = 'Success';
  return $pass_along;
}

function vsoftStartTran($parms) {
  /**
   * uses: $parms['InstID']
   * $parms['Cn']
   * $parms['Ml'] # optional - if empty no ereceipt is sent
   * $parms['depositAcct'] passed to vsoft as AccountNumber. Defined as string, but must be digits only
   * $parms['depositType'] 1=DDA, 2=GL, 3=Savings, 4=Money Market.
   * $parms['depositlimit'] specifies profileId, defaults to 0
   * $parms['serviceurl']
   *
   * ApplicationId is always 6 for RDC Mobile
   * ImagefFormat =1, jpeg
   * ImageView =0, both sides
   * ReturnImage=false, don't return the corrected image
   *  */

  try {
    $parms['SessionId'] = time();
    if (!isset($parms['InstID']) || !isset($parms['serviceurl']) ||
      !isset($parms['Cn']) ||
      !isset($parms['depositAcct']) ||
      !isset($parms['depositType']) ||
      !isset($parms['depositlimit'])) {
      throw new Exception("Missing Parameters " . print_r($parms, true));
    }

    $soapString = '<?xml version="1.0" encoding="utf-8"?>';

    $soapString .= '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:val="http://validationservice.vsoftcorp.com/">';
    $soapString .= "<soapenv:Header/>
   <soapenv:Body>
      <val:StartTran>
         <val:request>
            <val:InstId>{$parms['InstID']}</val:InstId>
            <val:ApplicationId>6</val:ApplicationId>
            <val:UserId>{$parms['Cn']}</val:UserId>
            <val:Email>" . urldecode($parms['Ml']) . "</val:Email>
            <val:AccountNumber>{$parms['depositAcct']}</val:AccountNumber>
            <val:AccountType>{$parms['depositType']}</val:AccountType>
            <val:ImageFormat>1</val:ImageFormat>
            <val:ImageView>0</val:ImageView>
            <val:ProfileId>{$parms['depositlimit']}</val:ProfileId>
            <val:ReturnImage>0</val:ReturnImage>
         </val:request>
      </val:StartTran>
   </soapenv:Body>
</soapenv:Envelope>\n";

    $cmd = "/usr/bin/curl --silent --cacert /etc/ssl/certs/ValiCert.crt --data-binary '$soapString' -H 'Content-Type: text/xml; charset=utf-8'";
    $cmd .= " -H 'SOAPAction: \"http://validationservice.vsoftcorp.com/StartTran\"'";
    $cmd .= " {$parms['serviceurl']}";

    $soapHeaders = array();
    $soapHeaders[] = "Content-Type: text/xml; charset=utf-8";
    $soapHeaders[] = 'SOAPAction: "http://validationservice.vsoftcorp.com/StartTran"';
    $response = embcurl($soapString, $soapHeaders, $parms['serviceurl']);

    if ($parms["logging"] == "enabled") {
      $logParms = $parms["environment"];                      // get the environment info passed in
      $logParms["SSOVendor"] = $parms['rdcvendor'];
      $logParms["token"] = $parms['SessionId'];              // the id used across all communications in session
      $logParms["txnId"] = time();                            // the id for this transaction
      $logParms["logPoint"] = "StartTran";                    // this action in a readable form
      $logParms["request"] = $cmd;                            // the request
      $logParms["reply"] = $response;                         // the response
      LogSSOActivity($logParms);
    }

    $pos = strpos($response, 'HCUERROR: ');
    if ($pos !== false) {
      throw new Exception(substr($response, $pos));
    }
    if (empty($response)) {
      throw new Exception("Empty Response");
    }
    // call parse function to format response array
    $xmlreturn = vsoftGetXMLResponse($response, 'StartTranResult', 'http://validationservice.vsoftcorp.com/');
    if (!is_array($xmlreturn)) {
      throw new Exception("RDC Invalid XML Response");
    }

    if (!$xmlreturn[0]['ReturnValue']) {
      throw new Exception("{$xmlreturn[0]['ErrorDesc']} - {$xmlreturn[0]['ErrorCode']}");
    } else {
      $return['status']['response'] = 'true';
      $return['status']['message'] = 'Success';
      $return['data'] = $xmlreturn[0];
    }
  } catch (Exception $e) {
    $return['status']['response'] = 'false';
    $return['status']['message'] = $e->getMessage();
    $return['status']['raw'] = "$response";
  }
  return $return;
}

/**
 * uses: $parms['SessionId']
 * $parms['amount']
 * $parms['FrontImage']
 * $parms['RearImage']
 * $parms['serviceurl']
 */
function vsoftProcess($parms) {

  try {
    if (!isset($parms['SessionId']) || !isset($parms['serviceurl']) ||
      !isset($parms['amount']) ||
      !isset($parms['FrontImage']) ||
      !isset($parms['RearImage'])) {
      $str = '';
      if (!isset($parms['SessionId']))
        $str .= "SessionId ";
      if (!isset($parms['serviceurl']))
        $str .= "serviceurl ";
      if (!isset($parms['amount']))
        $str .= "amount ";
      if (!isset($parms['FrontImage']))
        $str .= "FrontImage ";
      if (!isset($parms['RearImage']))
        $str .= "RearImage ";

      throw new Exception("Missing Parameters ($str)");
    }

    $soapString = '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:val="http://validationservice.vsoftcorp.com/">';
    $soapString .= "<soapenv:Header/>
    <soapenv:Body>
      <val:Process>
         <val:request>
            <val:SessionId>{$parms['SessionId']}</val:SessionId>
            <val:Amount>";
    $soapString .= sprintf('%.2f', $parms['amount'] * .01);
    $soapString .= "</val:Amount>
            <val:FrontImage>{$parms['FrontImage']}</val:FrontImage>
            <val:RearImage>{$parms['RearImage']}</val:RearImage>
        </val:request>
      </val:Process>
    </soapenv:Body>
    </soapenv:Envelope>\n";

    $cmd = "/usr/bin/curl --silent --cacert /etc/ssl/certs/ValiCert.crt --data-binary '$soapString' -H 'Content-Type: text/xml; charset=utf-8'";
    $cmd .= " -H 'SOAPAction: \"http://validationservice.vsoftcorp.com/Process\"'";
    $cmd .= " {$parms['serviceurl']}";

    $soapHeaders = array();
    $soapHeaders[] = "Content-Type: text/xml; charset=utf-8";
    $soapHeaders[] = 'SOAPAction: "http://validationservice.vsoftcorp.com/Process"';
    $response = embcurl($soapString, $soapHeaders, $parms['serviceurl']);

    // no need to log the images - so strip them out
    $logRequest = $soapString;
    $startpos = strpos($logRequest, ':FrontImage>') + 12;
    $endpos = strrpos($logRequest, '</val:FrontImage>');
    $logRequest = substr_replace($logRequest, " Base64-encode parms['CheckFront'] ", $startpos, $endpos - $startpos);
    $startpos = strpos($logRequest, '<val:RearImage>') + 15;
    $endpos = strrpos($logRequest, '</val:RearImage>');
    $logRequest = substr_replace($logRequest, " Base64-encode parms['CheckBack'] ", $startpos, $endpos - $startpos);

    // Vsoft v1 sent a <ReturnImages>false XML tag so not an issue
    // but Vsoft v6 may return the images in a success response
    // strip those out if we find them.  Note that if Vsoft response
    // includes namesapce as ns:FrontImage this code will need to change
    // see CheckAlt for method that works with namespace

    // According to Vsoft, leaving out the <ReturnImages> tag defaults false, no images.
    // So probably don't need this block.
    // but leaving it in until testing confirms not neeed.

    if ($parms["logging"] == "enabled") {
      $logParms = $parms["environment"];
      $logParms["SSOVendor"] = $parms['rdcvendor'];
      $logParms["token"] = $parms['SessionId'];
      $logParms["txnId"] = time();
      $logParms["logPoint"] = "Process";
      $logParms["request"] = "Request HDRs: " . print_r($soapHeaders, true);
      $logParms["request"] .= "Request URL: {$parms['serviceurl']}\n";
      $logParms["request"] .= "Request String: $logRequest\n";
      $logParms["reply"] = $response;
      LogSSOActivity($logParms);
    }

    $pos = strpos($response, 'HCUERROR: ');
    if ($pos !== false) {
      throw new Exception(substr($response, $pos));
    }
    if (empty($response)) {
      throw new Exception("Empty Response");
    }

    $xmlreturn = vsoftGetXMLResponse($response, 'ProcessResult', 'http://validationservice.vsoftcorp.com/');

    if (!is_array($xmlreturn)) {
      throw new Exception("RDC Invalid XML Response");
    }

    if (!$xmlreturn[0]['ReturnValue']) {
      throw new Exception("{$xmlreturn[0]['ErrorDesc']} - {$xmlreturn[0]['ErrorCode']}");
    } else {
      $return['status']['response'] = 'true';
      $return['status']['message'] = 'Success';
      $return['data'] = $xmlreturn[0];
    }
  } catch (Exception $e) {
    $return['status']['response'] = 'false';
    $return['status']['message'] = $e->getMessage();
    // $return['status']['raw'] = "$xmlreturn";
    $return['data'] = $xmlreturn[0];
  }
  return $return;
}

/**
 * uses: $parms['SessionId']
 * $parms['ReturnValue']
 * $parms['serviceurl']
 */
function vsoftAck($parms) {

  try {
    if (!isset($parms['SessionId']) || !isset($parms['serviceurl']) ||
    !isset($parms['ReturnValue'])) {
      throw new Exception("Missing Parameters");
    }
    $soapString = '<?xml version="1.0" encoding="utf-8"?>';

    $soapString .= '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:val="http://validationservice.vsoftcorp.com/">
   <soapenv:Header/>';
    $soapString .= "<soapenv:Body>
      <val:Acknowledgment>
         <val:request>
            <val:SessionId>{$parms['SessionId']}</val:SessionId>
            <val:ReturnValue>{$parms['ReturnValue']}</val:ReturnValue>
         </val:request>
      </val:Acknowledgment>
   </soapenv:Body>
</soapenv:Envelope>\n";

    $cmd = "/usr/bin/curl --silent --cacert /etc/ssl/certs/ValiCert.crt --data-binary '$soapString' -H 'Content-Type: text/xml; charset=utf-8'";
    $cmd .= " -H 'SOAPAction: \"http://validationservice.vsoftcorp.com/Acknowledgment\"'";
    $cmd .= " {$parms['serviceurl']}";

    $soapHeaders = array();
    $soapHeaders[] = "Content-Type: text/xml; charset=utf-8";
    $soapHeaders[] = 'SOAPAction: "http://validationservice.vsoftcorp.com/Acknowledgment"';
    $response = embcurl($soapString, $soapHeaders, $parms['serviceurl']);

    if ($parms["logging"] == "enabled") {
      $logParms = $parms["environment"];                      // get the environment info passed in
      $logParms["SSOVendor"] = $parms['rdcvendor'];
      $logParms["token"] = $parms['SessionId'];               // the id used across all communications in session
      $logParms["txnId"] = time();                            // the id for this transaction
      $logParms["logPoint"] = "Ack";                          // this action in a readable form
      $logParms["request"] = $cmd;                            // the request
      $logParms["reply"] = $response;                         // the response
      LogSSOActivity($logParms);
    }

    $pos = strpos($response, 'HCUERROR: ');
    if ($pos !== false) {
      throw new Exception(substr($response, $pos));
    }
    if (empty($response)) {
      throw new Exception("Empty Response");
    }
    // call parse function to format response array
    $xmlreturn = vsoftGetXMLResponse($response, 'AcknowledgmentResult', 'http://validationservice.vsoftcorp.com/');
    if (!is_array($xmlreturn)) {
      throw new Exception("RDC Invalid XML Response");
    }

    if (!$xmlreturn[0]['ReturnValue']) {
      throw new Exception("{$xmlreturn[0]['ErrorDesc']} - {$xmlreturn[0]['ErrorCode']}");
    } else {
      $return['status']['response'] = 'true';
      $return['status']['message'] = 'Success';
      $return['data'] = $xmlreturn[0];
    }
  } catch (Exception $e) {
    $return['status']['response'] = 'false';
    $return['status']['message'] = $e->getMessage();
  }
  return $return;
}

/**
 * uses: $parms['InstID']
 * $parms['Cn']
 *
 * history call is not implemented until v1.9, which is not yet available
 * so for now, just return successful/empty
 * note that vsoft also wants depositAcct / depositType to get history
 * if I read the WSDL right, depositAcct is optional, depositType required
 * depositType 1=DDA, 2=GL, 3=Savings, 4=Money Market.
 * not sure yet how to implement this...without re-writing app calls.
 * perhaps make the call & append to result array for ea account in hculist?
 */
function vsoftHistory($parms) {

  //8-29-19 still not using, does not support our current framework
  //we want all user history, this is based on a selected account
  //so returning a success here and will show history from our table
  $return = array();
  $return['status']['response'] = 'true';
  $return['status']['message'] = 'Success';
  $return['callparms'] = $parms;
  $return['data'] = array();
  return $return;

  try {
    $parms['SessionId'] = time();
    if (!isset($parms['InstID']) || !isset($parms['serviceurl']) ||
    !isset($parms['Cn']) || !isset($parms['depositAcct']) ||
    !isset($parms['depositType'])) {
      throw new Exception("Missing Parameters " . print_r($parms, true));
    }

    $soapString = '<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
    xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
    <soap:Body>
    <AccountTransactionHistory xmlns="http://validationservice.vsoftcorp.com/">';

    $soapString .= "<AcctTransHistoryRequest>
        <InstId>{$parms['InstID']}</InstId>
        <AccountNumber>{$parms['depositAcct']}</AccountNumber>
        <UserId>{$parms['Cn']}</UserId>
        <AccountType>{$parms['depositType']}</AccountType>
        </AcctTransHistoryRequest>
        </AccountTransactionHistory>
    </soap:Body>
    </soapenv:Envelope>\n";

    $cmd = "/usr/bin/curl --silent --cacert /etc/ssl/certs/ValiCert.crt --data-binary '$soapString' -H 'Content-Type: text/xml; charset=utf-8'";
    $cmd .= " -H 'SOAPAction: \"http://validationservice.vsoftcorp.com/AccountTransactionHistory\"'";
    $cmd .= " {$parms['serviceurl']}";

    $soapHeaders = array();
    $soapHeaders[] = "Content-Type: text/xml; charset=utf-8";
    $soapHeaders[] = 'SOAPAction: "http://validationservice.vsoftcorp.com/AccountTransactionHistory"';
    $response = embcurl($soapString, $soapHeaders, $parms['serviceurl']);

    if ($parms["logging"] == "enabled") {
      $logParms = $parms["environment"];                      // get the environment info passed in
      $logParms["SSOVendor"] = $parms['rdcvendor'];
      $logParms["token"] = $parms['SessionId'];               // the id used across all communications in session
      $logParms["txnId"] = time();                            // the id for this transaction
      $logParms["logPoint"] = "TransactionHistory";           // this action in a readable form
      $logParms["request"] = $cmd;                            // the request
      $logParms["reply"] = $response;                         // the response
      LogSSOActivity($logParms);
    }

    $pos = strpos($response, 'HCUERROR: ');
    if ($pos !== false) {
      throw new Exception(substr($response, $pos));
    }
    if (empty($response)) {
      throw new Exception("Empty Response");
    }
    // call parse function to format response array
    $xmlreturn = vsoftGetXMLResponse($response, 'AccountTransactionHistoryResult', 'http://validationservice.vsoftcorp.com/');
    if (!is_array($xmlreturn)) {
      throw new Exception("RDC Invalid XML Response");
    }

    if (!$xmlreturn[0]['ReturnValue']) {
      throw new Exception("{$xmlreturn[0]['ErrorDesc']} - {$xmlreturn[0]['ErrorCode']}");
    } else {
      $return['status']['response'] = 'true';
      $return['status']['message'] = 'Success';
      $return['data'] = $xmlreturn[0];
    }
  } catch (Exception $e) {
    $return['status']['response'] = 'false';
    $return['status']['message'] = $e->getMessage();
    $return['data'] = $response;
  }
  return $return;
}

function vsoftGetXMLResponse($rdcXML, $rdcCONT, $rdcNS) {
  try {
    $xml = simplexml_load_string($rdcXML, "SimpleXMLElement", LIBXML_NOWARNING);
    if (!is_object($xml)) {
      throw new Exception("Invalid XML not object");
    }
    $xml->registerXPathNamespace('s', "http://schemas.xmlsoap.org/soap/envelope/");
    $errorresponse = $xml->xpath("//s:Fault");
    if (is_array($errorresponse) && count($errorresponse)) {
      $resp_arr = array(
        'faultcode' => $errorresponse[0]->faultcode,
        'faultstring' => $errorresponse[0]->faultstring
      );
    } else {
      $xml->registerXPathNamespace('rdc', $rdcNS);
      $dataresponse = $xml->xpath("//rdc:$rdcCONT");
      $resp_arr = objectToArray($dataresponse);
    }
  } catch (Exception $e) {
    $resp_arr = false;
  }
  return $resp_arr;
}