Filter characters from basket not allowed by SagePay

Author: Andy Coates

src/Message/AbstractRequest.php

@@ -144,6 +144,46 @@ protected function createResponse($data)
         return $this->response = new Response($this, $data);
     }
 
+    /**
+     * Filters out any characters that SagePay does not support from the item name.
+     *
+     * Believe it or not, SagePay actually have separate rules for allowed characters
+     * for item names and discount names, hence the need for two separate methods.
+     *
+     * @param string $name
+     *
+     * @return string
+     */
+    protected function filterItemName($name)
+    {
+        $standardChars = "0-9a-zA-Z";
+        $allowedSpecialChars = " +'/\\&:,.-{}";
+        $pattern = '`[^'.$standardChars.preg_quote($allowedSpecialChars, '/').']`';
+        $name = trim(preg_replace($pattern, '', $name));
+
+        return $name;
+    }
+
+    /**
+     * Filters out any characters that SagePay does not support from the discount name.
+     *
+     * Believe it or not, SagePay actually have separate rules for allowed characters
+     * for item names and discount names, hence the need for two separate methods.
+     *
+     * @param string $name
+     *
+     * @return string
+     */
+    protected function filterDiscountName($name)
+    {
+        $standardChars = "0-9a-zA-Z";
+        $allowedSpecialChars = " +'/\\:,.-{};_@()^\"~[]$=!#?|";
+        $pattern = '`[^'.$standardChars.preg_quote($allowedSpecialChars, '/').']`';
+        $name = trim(preg_replace($pattern, '', $name));
+
+        return $name;
+    }
+
     /**
      * Get an XML representation of the current cart items
      *
@@ -168,7 +208,7 @@ protected function getItemData()
             } else {
                 $total = ($basketItem->getQuantity() * $basketItem->getPrice());
                 $item = $xml->addChild('item');
-                $item->description = $basketItem->getName();
+                $item->description = $this->filterItemName($basketItem->getName());
                 $item->addChild('quantity', $basketItem->getQuantity());
                 $item->addChild('unitNetAmount', $basketItem->getPrice());
                 $item->addChild('unitTaxAmount', '0.00');
@@ -182,7 +222,7 @@ protected function getItemData()
                 if ($discountItem->getPrice() < 0) {
                     $discount = $discounts->addChild('discount');
                     $discount->addChild('fixed', ($discountItem->getPrice() * $discountItem->getQuantity()) * -1);
-                    $discount->description = $discountItem->getName();
+                    $discount->description = $this->filterDiscountName($discountItem->getName());
                 }
             }
         }