osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright (c) 2014 osCommerce Released under the GNU General Public License */ chdir('../../../../'); require 'includes/application_top.php'; if (!defined('MODULE_PAYMENT_SAGE_PAY_SERVER_STATUS') || MODULE_PAYMENT_SAGE_PAY_SERVER_STATUS != 'True') { exit; } include DIR_WS_LANGUAGES . $_SESSION['language'] . '/modules/payment/sage_pay_server.php'; include 'includes/modules/payment/sage_pay_server.php'; $sage_pay_server = new sage_pay_server(); $result = null; if (isset($_GET['skcode']) && isset($_POST['VPSSignature']) && isset($_POST['VPSTxId']) && isset($_POST['VendorTxCode']) && isset($_POST['Status'])) { $skcode = tep_db_prepare_input($_GET['skcode']); $sp_query = tep_db_query('select securitykey from sagepay_server_securitykeys where code = "' . tep_db_input($skcode) . '" limit 1'); if (tep_db_num_rows($sp_query)) { $sp = tep_db_fetch_array($sp_query); $transaction_details = array('ID' => $_POST['VPSTxId']); $sig = $_POST['VPSTxId'] . $_POST['VendorTxCode'] . $_POST['Status']; if (isset($_POST['TxAuthNo'])) { $sig .= $_POST['TxAuthNo']; } $sig .= strtolower(substr(MODULE_PAYMENT_SAGE_PAY_SERVER_VENDOR_LOGIN_NAME, 0, 15)); if (isset($_POST['AVSCV2'])) { $sig .= $_POST['AVSCV2']; $transaction_details['AVS/CV2'] = $_POST['AVSCV2'];
* osCommerce Online Merchant * * @copyright (c) 2016 osCommerce; https://www.oscommerce.com * @license MIT; https://www.oscommerce.com/license/mit.txt */ use OSC\OM\HTML; use OSC\OM\OSCOM; use OSC\OM\Registry; chdir('../../../../'); require 'includes/application_top.php'; if (!defined('MODULE_PAYMENT_SAGE_PAY_SERVER_STATUS') || MODULE_PAYMENT_SAGE_PAY_SERVER_STATUS != 'True') { exit; } $OSCOM_Language->loadDefinitions('modules/payment/sage_pay_server'); include 'includes/modules/payment/sage_pay_server.php'; $sage_pay_server = new sage_pay_server(); $result = null; if (isset($_GET['skcode']) && isset($_POST['VPSSignature']) && isset($_POST['VPSTxId']) && isset($_POST['VendorTxCode']) && isset($_POST['Status'])) { $skcode = HTML::sanitize($_GET['skcode']); $Qsp = $OSCOM_Db->get('sagepay_server_securitykeys', 'securitykey', ['code' => $skcode], null, 1); if ($Qsp->fetch() !== false) { $transaction_details = array('ID' => $_POST['VPSTxId']); $sig = $_POST['VPSTxId'] . $_POST['VendorTxCode'] . $_POST['Status']; if (isset($_POST['TxAuthNo'])) { $sig .= $_POST['TxAuthNo']; } $sig .= strtolower(substr(MODULE_PAYMENT_SAGE_PAY_SERVER_VENDOR_LOGIN_NAME, 0, 15)); if (isset($_POST['AVSCV2'])) { $sig .= $_POST['AVSCV2']; $transaction_details['AVS/CV2'] = $_POST['AVSCV2']; }