function encryptAndEncode($strIn, $strEncryptionType, $strEncryptionPassword) { if ($strEncryptionType == "XOR") { //** XOR encryption with Base64 encoding ** return base64Encode(simpleXor($strIn, $strEncryptionPassword)); } else { //** AES encryption, CBC blocking with PKCS5 padding then HEX encoding - DEFAULT ** //** use initialization vector (IV) set from $strEncryptionPassword $strIV = $strEncryptionPassword; //** add PKCS5 padding to the text to be encypted $strIn = self::addPKCS5Padding($strIn); //** perform encryption with PHP's MCRYPT module $strCrypt = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $strEncryptionPassword, $strIn, MCRYPT_MODE_CBC, $strIV); //** perform hex encoding and return return "@" . bin2hex($strCrypt); } }
function decodeAndDecrypt($strIn) { global $strEncryptionPassword; if (substr($strIn, 0, 1) == "@") { //** HEX decoding then AES decryption, CBC blocking with PKCS5 padding - DEFAULT ** //** use initialization vector (IV) set from $strEncryptionPassword $strIV = $strEncryptionPassword; //** remove the first char which is @ to flag this is AES encrypted $strIn = substr($strIn, 1); //** HEX decoding $strIn = pack('H*', $strIn); //** perform decryption with PHP's MCRYPT module return removePKCS5Padding(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $strEncryptionPassword, $strIn, MCRYPT_MODE_CBC, $strIV)); } else { //** Base 64 decoding plus XOR decryption ** return simpleXor(base64Decode($strIn), $strEncryptionPassword); } }
/** * process callback */ function paymentProcess($order_id, $crypt) { //hack for changing white space to + sign $crypt = str_replace(' ', '+', $crypt); require_once 'models/ecommerce/ecommerce_order.php'; $Order = new ecommerce_order(); require_once 'lib/protx.functions.php'; //decode crypt $pg_data_x = simpleXor(base64Decode($crypt), ECOMMERCE_TRANSACTION_PROTX_PASSWORD); //explode protx data $pg_data = getToken($pg_data_x); /** * PROTX: * vpstxid [int] * avscv2 [int] * txauthno[int] * vpsstatus[int] */ /* $pg_data_x = explode('&', $pg_data_x); for ($i=1; $i<count($pg_data_x); $i++) { $param = explode('=', $pg_data_x[$i]); $pg_data[$param[0]] = $param[1]; } */ //print_r($pg_data); // check if $pg_data['VendorTxCode'] = $_GET['order_id'] $this->msgProtxStatus($pg_data['Status']); $order_data = $Order->getOrder($order_id); //print_r($order_data); /** * optional: save only orders in valid status */ /* if ($order_data['status'] == 1 || $order_data['status'] == 2 || $order_data['status'] == 3 || $order_data['status'] == 4) { msg("Ecommerce_transaction: Order in status New (paid), Dispatched, Completed, Cancelled", 'error', 2); msg("This order (id=$order_id) was already paid before.", 'error'); } */ $transaction_data['order_id'] = $order_data['id']; $transaction_data['pg_data'] = serialize($pg_data); $transaction_data['currency_code'] = GLOBAL_DEFAULT_CURRENCY; if (is_numeric($pg_data['Amount'])) { $transaction_data['amount'] = $pg_data['Amount']; } else { $transaction_data['amount'] = 0; } $transaction_data['created'] = date('c'); $transaction_data['type'] = 'protx'; if ($pg_data['Status'] == 'OK') { $transaction_data['status'] = 1; } else { $transaction_data['status'] = 0; } /** * insert */ if ($id = $this->Transaction->insert($transaction_data)) { // in payment_success must be everytime Status OK if ($pg_data['Status'] == 'OK') { $Order->setStatus($order_id, 1); //send email to admin require_once 'models/common/common_email.php'; $EmailForm = new common_email(); $_Onxshop_Request = new Onxshop_Request("component/ecommerce/order_detail~order_id={$order_data['id']}~"); $order_data['order_detail'] = $_Onxshop_Request->getContent(); //this allows use customer data and company data in the mail template //is passed as DATA to template in common_email->_format $GLOBALS['common_email']['transaction'] = $transaction_data; $GLOBALS['common_email']['order'] = $order_data; if (!$EmailForm->sendEmail('new_order_paid', 'n/a', $order_data['client']['customer']['email'], $order_data['client']['customer']['first_name'] . " " . $order_data['client']['customer']['last_name'])) { msg('ecommerce_transaction: Cant send email.', 'error', 2); } if ($Order->conf['mail_to_address']) { if (!$EmailForm->sendEmail('new_order_paid', 'n/a', $Order->conf['mail_to_address'], $Order->conf['mail_to_name'])) { msg('ecommerce_transaction: Cant send email.', 'error', 2); } } } else { $Order->setStatus($order_id, 5); } return $id; } else { //to be sure... if ($pg_data['Status'] == 'OK') { msg("Payment for order {$order_id} was successfully Authorised, but I cant save the transaction TxAuthNo {$pg_data['TxAuthNo']}!", 'error'); } msg("payment/protx: cannot insert serialized pg_data: {$transaction_data['pg_data']}", 'error'); return false; } }