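/**
 * Build the HTML form that posts an invoice to the EuPlatesc.ro payment page.
 *
 * The signed fields (amount, currency, invoice id, description, merchant id,
 * timestamp, nonce) are authenticated with euplatesc_mac(); billing and
 * shipping fields are sent alongside them as plain hidden inputs.
 *
 * Every value placed in an HTML attribute is escaped, because the client
 * details and the invoice description are user-controlled text.
 *
 * @param array $params gateway configuration, invoice and client details
 * @return string HTML markup of the payment form
 */
function euplatesc_link($params) {
    // Gateway configuration. The key is entity-decoded before use, which
    // suggests the host application hands values over entity-encoded
    // (presumably; confirm against the billing system's documentation).
    $accountId = $params['accountID'];
    $secretKey = htmlspecialchars_decode($params['secretKey']);

    // Invoice data; the amount to pay is always calculated in RON.
    $invoiceId = $params['invoiceid'];
    $description = $params['description'];
    $amount = $params['amount'];
    $currencyCode = $params['currency'];
    $baseAmount = $params['basecurrencyamount']; // amount to pay, in client's currency
    $baseCurrency = $params['basecurrency'];     // client's currency

    // NOTE(review): a zero or missing basecurrencyamount makes this division
    // fail (DivisionByZeroError on PHP 8); the caller is assumed to pass a
    // positive amount.
    $baseExchange = $amount / $baseAmount;       // exchange rate

    // Base amount, currency and rate are needed again at payment confirmation.
    $base = array('amount' => $baseAmount, 'currency' => $baseCurrency, 'rate' => $baseExchange);

    // Client details.
    $client = $params['clientdetails'];
    $firstname = $client['firstname'];
    $lastname = $client['lastname'];
    $email = $client['email'];
    $address1 = $client['address1'];
    $address2 = $client['address2'];
    $city = $client['city'];
    $country = $client['country'];
    $phone = $client['phonenumber'];
    $companyname = $client['companyname'];

    // Special field (modify as per your local settings): carries the literal
    // string "on" when defined.
    $isCompany = isset($params['clientdetails1']) ? $params['clientdetails1'] : '';

    $langPayNow = $params['langpaynow'];

    // Payment URL, where the data is sent via POST.
    $url = 'https://secure.euplatesc.ro/tdsprocess/tranzactd.php';

    // Fields covered by the MAC. Insertion order matters: euplatesc_mac()
    // concatenates the values in array order.
    $dataAll = array();
    $dataAll['amount'] = $amount;            // amount to pay
    $dataAll['curr'] = $currencyCode;        // currency code (EUR, RON, USD)
    $dataAll['invoice_id'] = $invoiceId;     // invoice id, as defined by merchant
    $dataAll['order_desc'] = $description;   // invoice description
    $dataAll['merch_id'] = $accountId;       // merchant id, as defined by EuPlatesc.ro

    // =========== DO NOT MODIFY BELOW ============= //
    $dataAll['timestamp'] = gmdate("YmdHis");
    // NOTE(review): the nonce is derived from the clock and mt_rand(), not from
    // a CSPRNG. If the gateway relies on it being unpredictable rather than
    // merely unique, random_bytes() is the appropriate source.
    $dataAll['nonce'] = md5(microtime() . mt_rand());
    $dataAll['fp_hash'] = strtoupper(euplatesc_mac($dataAll, $secretKey));

    // Street address: second line appended only when present.
    $street = $address1;
    if ((string) $address2 !== '') {
        $street .= ', ' . $address2;
    }

    // Billing fields.
    $dataBill = array();
    $dataBill['fname'] = $firstname;
    $dataBill['lname'] = $lastname;
    $dataBill['country'] = $country;
    if ('on' === $isCompany) {
        $dataBill['company'] = $companyname;
    }
    $dataBill['city'] = $city;
    $dataBill['add'] = $street;
    $dataBill['email'] = $email;
    $dataBill['phone'] = $phone;

    // Shipping fields mirror the billing fields, with an "s" prefix on each name.
    $dataShip = array();
    foreach ($dataBill as $field => $value) {
        $dataShip['s' . $field] = $value;
    }

    // Base-currency invoicing data, JSON-encoded then base64-encoded for transport.
    // NOTE(review): ExtraData is not part of $dataAll, so fp_hash does not cover
    // it. It travels through the client's browser and must be treated as
    // untrusted wherever it is read back; prefer recomputing amount and rate
    // from the stored invoice.
    $dataBill['ExtraData'] = base64_encode(json_encode($base));

    // Build the payment form.
    $htmlOutput = '<form name="gateway" method="post" target="_self" action="' . euplatesc_escape_attr($url) . '"> ';
    $htmlOutput .= euplatesc_hidden_inputs($dataAll);
    $htmlOutput .= euplatesc_hidden_inputs($dataBill);
    $htmlOutput .= euplatesc_hidden_inputs($dataShip);

    // EuPlatesc.ro logo near the button.
    // NOTE(review): the image is loaded from a hard-coded external host on the
    // payment page; serving it from the merchant's own site avoids depending on
    // a third party here.
    $htmlOutput .= '<img alt="EuPlatesc.ro" src="https://devel.hangar.hosting/assets/img/euplatesc150.png" /> ';

    // "Pay now" button.
    $htmlOutput .= '<input type="submit" value="' . euplatesc_escape_attr($langPayNow) . '" /> ';
    $htmlOutput .= '</form>';

    return $htmlOutput;
}

/**
 * Render name/value pairs as hidden form inputs with escaped attributes.
 *
 * @param array $fields field name => value
 * @return string concatenated <input type="hidden"> tags
 */
function euplatesc_hidden_inputs($fields) {
    $html = '';
    foreach ($fields as $name => $value) {
        $html .= '<input type="hidden" name="' . euplatesc_escape_attr($name)
            . '" value="' . euplatesc_escape_attr($value) . '" /> ';
    }
    return $html;
}

/**
 * Escape a value for use inside a double-quoted HTML attribute.
 *
 * Existing entities are left alone (double_encode = false) so values that
 * arrive already entity-encoded render exactly as they did before escaping
 * was added, while raw quotes and angle brackets can no longer break out of
 * the attribute.
 *
 * @param mixed $value value to escape; cast to string first
 * @return string escaped text
 */
function euplatesc_escape_attr($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
}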
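/**
 * Compute the keyed hash used by the gateway protocol, as lowercase hex.
 *
 * Despite the name, the hash function used here has always been md5 with a
 * 64-byte block, i.e. HMAC-MD5. The algorithm is kept as is because both ends
 * of the protocol must agree on it; only the hand-rolled construction is
 * replaced by the standard-library implementation.
 *
 * @param string $key  raw (binary) key
 * @param string $data message to authenticate
 * @return string 32-character lowercase hex digest
 */
function hmacsha1($key, $data) {
    return hash_hmac('md5', (string) $data, (string) $key);
}

/**
 * Build the fp_hash input from an ordered list of values and authenticate it.
 *
 * Each value contributes its byte length followed by the value itself; null
 * and empty values contribute a single "-". Values are taken in array order,
 * so callers must insert the fields in the order the gateway expects.
 *
 * NOTE(review): a null, empty or non-hex $key does not raise an error here;
 * the MAC is then computed under an empty or partial key. Callers should
 * refuse to proceed when the configured key is missing. When the result is
 * compared with a received fp_hash, use a constant-time comparison such as
 * hash_equals().
 *
 * @param array       $data values to authenticate, in protocol order
 * @param string|null $key  hex-encoded secret key
 * @return string lowercase hex digest (callers uppercase it)
 */
function euplatesc_mac($data, $key = NULL) {
    $message = '';
    foreach ($data as $field) {
        $field = $field === NULL ? '' : (string) $field;
        // null and empty values are replaced with "-"
        $message .= $field === '' ? '-' : strlen($field) . $field;
    }

    // The configured key is hex text; the HMAC is keyed with its raw bytes.
    $rawKey = pack('H*', (string) $key);

    return hmacsha1($rawKey, $message);
}

// Sample request: fill in with your own values.
// NOTE(review): amount and email are taken directly from the request. Validate
// them (numeric, positive amount; well-formed e-mail) before they are signed
// or forwarded. $mid and $key are expected to be defined before this point.
$dataAll = array(
    'amount' => isset($_POST['amount']) ? $_POST['amount'] : NULL,
    'curr' => 'RON',
    // Random 7-character invoice id; not guaranteed to be unique.
    'invoice_id' => str_pad(substr(mt_rand(), 0, 7), 7, '0', STR_PAD_LEFT),
    'order_desc' => 'Donatie online',
    'merch_id' => $mid,
    'timestamp' => gmdate("YmdHis"),
    'nonce' => md5(microtime() . mt_rand()),
);
$dataAll['fp_hash'] = strtoupper(euplatesc_mac($dataAll, $key));

// Billing data: fill in with your own values.
$dataBill = array(
    'fname' => '',
    'lname' => '',
    'country' => '',
    'company' => '',
    'city' => '',
    'add' => '',
    'email' => isset($_POST['email']) ? $_POST['email'] : NULL,
    'phone' => '',
    'fax' => '',
);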
* read the secret key from the config variables */ $secretKey = htmlspecialchars_decode($gatewayParams['secretKey']); /** * read the transaction fee percent */ $transactionFee = $gatewayParams['transactionFee']; /** * Retrieve data returned in payment gateway callback */ $responseData = array('amount' => addslashes(trim(@$_POST['amount'])), 'curr' => addslashes(trim(@$_POST['curr'])), 'invoice_id' => addslashes(trim(@$_POST['invoice_id'])), 'ep_id' => addslashes(trim(@$_POST['ep_id'])), 'merch_id' => addslashes(trim(@$_POST['merch_id'])), 'action' => addslashes(trim(@$_POST['action'])), 'message' => addslashes(trim(@$_POST['message'])), 'approval' => addslashes(trim(@$_POST['approval'])), 'timestamp' => addslashes(trim(@$_POST['timestamp'])), 'nonce' => addslashes(trim(@$_POST['nonce'])), 'sec_status' => addslashes(trim(@$_POST['sec_status']))); /** * Calculate local hash and store both local and received hashes * we will compare them later */ $responseData['fp_hash'] = strtoupper(euplatesc_mac($responseData, $secretKey)); $fp_hash = addslashes(trim(@$_POST['fp_hash'])); /** * Read the ExtraData from the callback POST data */ $ExtraData = base64_decode(addslashes(trim($_POST['ExtraData']))); /** we need this array to store data on the temporary period of manual verification * Build an array with data that needs to be temporarily stored * if a payment must be manually verified * * After a manual verification, EuPlatesc.ro does NOT resend all data (e.q. InvoiceID), * and the only common data is the transaction ID */ $base = json_decode($ExtraData, true); $base['paid'] = $responseData['amount'] / $base['rate']; $base['fee'] = $base['paid'] * $transactionFee / 100;