function process_payment_return() { global $label; /* Note: This should not be executed in the normal course of events. Instead, the code at the top is executed to verify / complete the transaction The code below will check previous transactions to make sure it is not processed twice. */ if ($_REQUEST['x_response_code'] != '') { foreach ($_REQUEST as $key => $value) { $req .= "&{$key}={$value}"; } $invoice_id = jb_strip_order_id($_REQUEST['x_invoice_num']); $product_type = substr($invoice_id, 0, 1); // 'P' or 'S' $invoice_id = substr($invoice_id, 1); $myhash = strtoupper(md5(AUTHNET_MD5_HASH . AUTHNET_LOGIN_ID . $_REQUEST['x_trans_id'] . $_REQUEST['x_amount'])); authnet_log_entry('x_response_code: ' . $_REQUEST['x_response_code'] . ' myhash ' . $myhash . ' md5_hash ' . $_REQUEST['x_MD5_Hash'] . ' invoice_id' . $invoice_id . ' product_type' . $product_type); if ($_REQUEST['x_MD5_Hash'] == $myhash) { authnet_log_entry('authorize.net: (gateway) ' . $req); // log the request switch ($_REQUEST['x_response_code']) { case "1": // approved // check for the transaction $sql = "SELECT * FROM jb_txn WHERE txn_id='" . jb_escape_sql($_REQUEST['x_trans_id']) . "' and `origin`='AuthorizeNet' "; $result = JB_mysql_query($sql) or die(mysql_error()); if (mysql_num_rows($result) > 0) { authnet_log_entry($_REQUEST['x_trans_id'] . " already in the database, possibly entered in by the Relay Responce IR: System)"); } else { echo "<p align='center'> " . $label['payment_authnet_completed'] . "</p>"; if ($product_type == 'P') { JB_complete_package_invoice($invoice_id, 'AuthorizeNet'); ?> <center> <img src="<?php echo JB_SITE_LOGO_URL; ?> "> <?php $label['payment_posts_completed2'] = str_replace("%URL%", JB_BASE_HTTP_PATH . JB_EMPLOYER_FOLDER, $label['payment_posts_completed2']); ?> <p><?php echo $label['payment_posts_completed2']; ?> </p> </center> <?php } elseif ($product_type == 'S') { JB_complete_subscription_invoice($invoice_id, 'AuthorizeNet'); ?> <center> <img src="<?php echo JB_SITE_LOGO_URL; ?> "> <?php $label['payment_subscription_completed2'] = str_replace("%URL%", JB_BASE_HTTP_PATH . JB_EMPLOYER_FOLDER, $label['payment_subscription_completed2']); ?> <p><?php echo $label['payment_subscription_completed2']; ?> </p> </center> <?php } elseif ($product_type == 'M') { JB_complete_membership_invoice($invoice_id, 'AuthorizeNet'); ?> <center> <img src="<?php echo JB_SITE_LOGO_URL; ?> "> <p><?php echo $label['payment_membership_completed']; ?> </p> </center> <?php } JB_debit_transaction($invoice_id, $_REQUEST['x_amount'], AUTHNET_CURRENCY, $_REQUEST['x_trans_id'], $reason, 'AuthorizeNet', $product_type); } //JB_debit_transaction($invoice_id, $_POST['x_amount'], 'USD', $_POST['x_trans_id'], $reason, 'AuthorizeNet', $product_type); break; case "2": // declined $label['payment_return_denied'] = str_replace("%PAYMENT_GW%", $this->name, $label['payment_return_denied']); echo "<p align='center'> " . $label['payment_return_denied'] . "</p>"; break; case "3": // Error echo "<p align='center'>" . $label['payment_return_error'] . "</p>"; break; default: echo "<p align='center'>" . $label['payment_return_error'] . "</p>"; break; } } else { authnet_log_entry("Authorize.net: Invalid signiture (pls verify your md5 hash value)"); } } ?> <p> </p> <p> </p> <p> </p> <p> </p> <?php }
function process_payment_return() { global $label; if ($_POST['x_response_code'] != '') { //$_POST['x_md5_hash']; $working_sig = strtoupper(md5($merchant_id . $transaction_id . $secret . $mb_amount . $mb_currency . $status)); $sql = "SELECT * FROM orders where order_id='" . $_POST['x_invoice_num'] . "'"; $result = mysql_query($sql) or die(mysql_error() . $sql); $order_row = mysql_fetch_array($result); $myhash = strtoupper(md5(AUTHNET_X_TRAN_KEY . AUTHNET_LOGIN_ID . $_POST['x_trans_id'] . $_POST['x_amount'])); if ($_POST['x_md5_hash'] == $myhash) { switch ($_POST['x_response_code']) { case "1": // approved debit_transaction($_POST['x_invoice_num'], $_POST['x_amount'], AUTHNET_CURRENCY, $_POST['x_trans_id'], $_POST['x_response_reason_text'], 'authorize.net'); complete_order($order_row['user_id'], $_POST['x_invoice_num']); break; case "2": // declined break; case "3": // Error break; } } else { authnet_log_entry("Authorize.net: Invalid signiture"); } } }