<?php // Handles a POST carrying DIBS transaction fields: checks that the expected
// fields are present, compares the posted merchant ID and authkey with the
// module's configured values, and collects every problem found in $errors.
// The listing stops inside the final foreach, so whatever acts on $errors and
// $valid_order is not visible here.
include dirname(__FILE__) . '/../../config/config.inc.php';
include dirname(__FILE__) . '/dibs.php';

$posted_values = array();
$errors = array();
$obj_dibs = new dibs();
// Fields the request must carry; the same list selects what is copied into $message below.
$required_fields = array('orderid', 'paytype', 'transact', 'merchant', 'uniqueoid', 'amount', 'currency', 'authkey');
$valid_order = true;

if (count($_POST)) {
    $posted_values = $_POST;

    // A missing field only appends to $errors; execution continues, so the
    // array reads below can still hit keys that were never posted.
    foreach ($required_fields as $field) {
        if (!isset($posted_values[$field])) {
            $errors[] = 'Missing field ' . $field;
        }
    }

    // Both identifiers are split on '_'. $secure_cart is not used in the visible part.
    $secure_cart = explode('_', $posted_values['uniqueoid']);
    $arr_order_id = explode('_', $posted_values['orderid']);
    // Only the part before the first '_' is kept as the order id.
    $posted_values['orderid'] = $arr_order_id[0];

    // Both sides are cast to string so the strict comparison does not fail on type alone.
    if ((string) $posted_values['merchant'] !== (string) dibs::$ID_MERCHANT) {
        $errors[] = Tools::displayError('You did not use the correct merchant ID.');
    }

    // Expected authkey: md5(k2 . md5(k1 . query-style string)), where the inner
    // string is built from the posted transact, amount and currency values.
    // orderid, uniqueoid, merchant and paytype are NOT part of the digest, so a
    // matching authkey vouches only for those three values.
    // NOTE(review): confirm that the code after this listing checks orderid and
    // uniqueoid against the stored cart/order on its own.
    // NOTE(review): '¤cy=' looks like a mis-decoded '&currency=' ('&curren' turned
    // into the ¤ sign during extraction); with this literal the digest would differ
    // from one computed over '&currency=' - confirm against the original file.
    $md5_key = md5(dibs::$MORE_SETTINGS['k2'] . md5(dibs::$MORE_SETTINGS['k1'] . 'transact=' . $posted_values['transact'] . '&amount=' . $posted_values['amount'] . '¤cy=' . $posted_values['currency']));

    // NOTE(review): !== is not a constant-time comparison; where the runtime
    // offers hash_equals() (PHP >= 5.6) it is the safer way to compare a secret
    // digest. The cast to string keeps a posted array from reaching the comparison as an array.
    if ((string) $posted_values['authkey'] !== $md5_key) {
        $errors[] = Tools::displayError('Your are not allowed to validate the command for security reasons.');
    }

    // Builds a "key: value" line for each posted string value whose key is in
    // $required_fields. 'authkey' is in that list, so the posted authkey is
    // copied into $message as well.
    // NOTE(review): check where $message ends up (log, order note, e-mail) - not visible here.
    // in_array() is called without the strict flag; the 'HTTP_COOKIE' test
    // cannot fail for any key that is in $required_fields.
    $message = '';
    foreach ($posted_values as $key => $value) {
        if (is_string($value) and in_array($key, $required_fields) and $key !== 'HTTP_COOKIE') {
            $message .= $key . ': ' . $value . "\n";
        }
        // (listing ends here; this foreach and the enclosing if are closed outside the visible text)
/**
 * Handles the module's configuration form.
 *
 * When the 'submitModule' form was submitted, the settings are read from the
 * request, copied into the class's static properties, saved through
 * Configuration::updateValue() and a confirmation banner is returned.
 * Without a submission nothing is changed.
 *
 * Points a reviewer should keep in mind:
 * - Only the two URLs pass through Validate::isUrl(); the merchant ID, both
 *   colour values and the k1/k2 keys are stored exactly as submitted.
 * - DIBS_MORE_SETTINGS (which contains k1 and k2) is stored as serialize()
 *   output. NOTE(review): whatever reads it back presumably unserialize()s
 *   it - confirm that only trusted back-office code can write that value.
 * - No request-token check happens inside this method. NOTE(review): confirm
 *   the caller or framework enforces one before this runs.
 *
 * @return string Confirmation markup, or '' when the form was not submitted.
 */
private function preProcess()
{
    if (!Tools::isSubmit('submitModule')) {
        return '';
    }

    // Merchant ID: any submitted value other than '' replaces the current one.
    $submittedMerchant = Tools::getValue('idMerchant');
    if ($submittedMerchant !== '') {
        self::$ID_MERCHANT = $submittedMerchant;
    }

    // Return URLs: replaced only when the submitted value passes Validate::isUrl().
    $submittedAccepted = Tools::getValue('acceptedUrl');
    if (Validate::isUrl($submittedAccepted)) {
        self::$ACCEPTED_URL = $submittedAccepted;
    }
    $submittedCancelled = Tools::getValue('cancelledUrl');
    if (Validate::isUrl($submittedCancelled)) {
        self::$CANCELLED_URL = $submittedCancelled;
    }

    // Test mode is 1 when the 'testing' field is present in the POST, else 0.
    self::$TESTING = isset($_POST['testing']) ? 1 : 0;

    // Display colours and the two keys are taken over without validation.
    foreach (array('flexwin_color', 'logo_color', 'k1', 'k2') as $settingName) {
        self::$MORE_SETTINGS[$settingName] = Tools::getValue($settingName);
    }

    Configuration::updateValue('DIBS_ID_MERCHANT', self::$ID_MERCHANT);
    Configuration::updateValue('DIBS_ACCEPTED_URL', self::$ACCEPTED_URL);
    Configuration::updateValue('DIBS_CANCELLED_URL', self::$CANCELLED_URL);
    Configuration::updateValue('DIBS_TESTING', self::$TESTING);
    $serializedSettings = serialize(self::$MORE_SETTINGS);
    Configuration::updateValue('DIBS_MORE_SETTINGS', Tools::htmlentitiesUTF8($serializedSettings));

    // The beacon image is emitted only outside test mode and only when the
    // merchant ID and both keys are non-empty. Its URL is plain http and
    // carries the merchant ID as site_id, so the administrator's browser
    // sends that ID to api.prestashop.com unencrypted.
    $beacon = '';
    $liveAndConfigured = self::$ID_MERCHANT !== ''
        && self::$TESTING !== 1
        && self::$MORE_SETTINGS['k1'] !== ''
        && self::$MORE_SETTINGS['k2'] !== '';
    if ($liveAndConfigured) {
        $beacon = '<img src="http://api.prestashop.com/modules/dibs.png?site_id=' . urlencode(self::$ID_MERCHANT) . '" style="float:right" />';
    }

    $banner = '<div class="conf confirm"><img src="../img/admin/ok.gif"/>' . $this->l('Configuration updated');

    return $banner . $beacon . '</div>';
}