function ogone_get_response() { $response = $_REQUEST; foreach ($_COOKIE as $key => $value) { unset($response[$key]); } // si pas de signature dans la reponse, la refuser if (!isset($response['SHASIGN'])) { spip_log('reponse recue sans signature ' . var_export($response), 'ogone'); return false; } if ($response['SHASIGN'] !== ogone_sha_out($response) and $response['SHASIGN'] !== ogone_sha_out(array_map('utf8_encode', $response))) { return false; } unset($response['action']); unset($response['bankp']); return $response; }
function ogone_get_response($config) { $response = $_REQUEST; foreach ($_COOKIE as $key => $value) { unset($response[$key]); } // si pas de signature dans la reponse, la refuser if (!isset($response['SHASIGN'])) { bank_transaction_invalide(0, array('mode' => "ogone", 'erreur' => "reponse recue sans signature", 'log' => var_export($response, true))); return false; } if ($response['SHASIGN'] !== ogone_sha_out($response, $config) and $response['SHASIGN'] !== ogone_sha_out(array_map('utf8_encode', $response), $config)) { bank_transaction_invalide(0, array('mode' => "ogone", 'erreur' => "signature invalide", 'log' => var_export($response, true))); return false; } unset($response['action']); unset($response['bankp']); return $response; }