if (isset($_POST['FraudResponse'])) { $sig .= $_POST['FraudResponse']; } if (isset($_POST['BankAuthCode'])) { $sig .= $_POST['BankAuthCode']; } $sig = strtoupper(md5($sig)); if ($_POST['VPSSignature'] == $sig) { if ($_POST['Status'] == 'OK' || $_POST['Status'] == 'AUTHENTICATED' || $_POST['Status'] == 'REGISTERED') { $transaction_details_string = ''; foreach ($transaction_details as $k => $v) { $transaction_details_string .= $k . ': ' . $v . "\n"; } $transaction_details_string = tep_db_prepare_input($transaction_details_string); tep_db_query('update sagepay_server_securitykeys set verified = 1, transaction_details = "' . tep_db_input($transaction_details_string) . '" where code = "' . tep_db_input($skcode) . '"'); $result = 'Status=OK' . chr(13) . chr(10) . 'RedirectURL=' . $sage_pay_server->formatURL(tep_href_link(FILENAME_CHECKOUT_PROCESS, 'check=PROCESS&skcode=' . $skcode, 'SSL', false)); } else { $error = isset($_POST['StatusDetail']) ? $sage_pay_server->getErrorMessageNumber($_POST['StatusDetail']) : null; if (MODULE_PAYMENT_SAGE_PAY_SERVER_PROFILE_PAGE == 'Normal') { $error_url = tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $sage_pay_server->code . (tep_not_null($error) ? '&error=' . $error : ''), 'SSL', false); } else { $error_url = tep_href_link('ext/modules/payment/sage_pay/redirect.php', 'payment_error=' . $sage_pay_server->code . (tep_not_null($error) ? '&error=' . $error : ''), 'SSL', false); } $result = 'Status=OK' . chr(13) . chr(10) . 'RedirectURL=' . $sage_pay_server->formatURL($error_url); tep_db_query('delete from sagepay_server_securitykeys where code = "' . tep_db_input($skcode) . '"'); $sage_pay_server->sendDebugEmail(); } } else { $result = 'Status=INVALID' . chr(13) . chr(10) . 'RedirectURL=' . $sage_pay_server->formatURL(tep_href_link(FILENAME_SHOPPING_CART, '', 'SSL', false)); $sage_pay_server->sendDebugEmail(); }
if (isset($_POST['FraudResponse'])) { $sig .= $_POST['FraudResponse']; } if (isset($_POST['BankAuthCode'])) { $sig .= $_POST['BankAuthCode']; } $sig = strtoupper(md5($sig)); if ($_POST['VPSSignature'] == $sig) { if ($_POST['Status'] == 'OK' || $_POST['Status'] == 'AUTHENTICATED' || $_POST['Status'] == 'REGISTERED') { $transaction_details_string = ''; foreach ($transaction_details as $k => $v) { $transaction_details_string .= $k . ': ' . $v . "\n"; } $transaction_details_string = HTML::sanitize($transaction_details_string); $OSCOM_Db->save('sagepay_server_securitykeys', ['verified' => 1, 'transaction_details' => $transaction_details_string], ['code' => $skcode]); $result = 'Status=OK' . chr(13) . chr(10) . 'RedirectURL=' . $sage_pay_server->formatURL(OSCOM::link('checkout_process.php', 'check=PROCESS&skcode=' . $skcode, false)); } else { $error = isset($_POST['StatusDetail']) ? $sage_pay_server->getErrorMessageNumber($_POST['StatusDetail']) : null; if (MODULE_PAYMENT_SAGE_PAY_SERVER_PROFILE_PAGE == 'Normal') { $error_url = OSCOM::link('checkout_payment.php', 'payment_error=' . $sage_pay_server->code . (tep_not_null($error) ? '&error=' . $error : ''), false); } else { $error_url = OSCOM::link('ext/modules/payment/sage_pay/redirect.php', 'payment_error=' . $sage_pay_server->code . (tep_not_null($error) ? '&error=' . $error : ''), false); } $result = 'Status=OK' . chr(13) . chr(10) . 'RedirectURL=' . $sage_pay_server->formatURL($error_url); $OSCOM_Db->delete('sagepay_server_securitykeys', ['code' => $skcode]); $sage_pay_server->sendDebugEmail(); } } else { $result = 'Status=INVALID' . chr(13) . chr(10) . 'RedirectURL=' . $sage_pay_server->formatURL(OSCOM::link('shopping_cart.php', '', false)); $sage_pay_server->sendDebugEmail(); }
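Review bot: The signature check `if ($_POST['VPSSignature'] == $sig)` is carried over unchanged by this port and still compares the uppercased MD5 hex digest with loose `==`, which lets PHP compare the two strings numerically when both happen to look like numbers and is not constant-time. It also reads `$_POST['VPSSignature']` without the `isset` guard that `FraudResponse` and `BankAuthCode` get. This comparison appears to be what authenticates the callback before `'verified' => 1` is saved, so I would change it to `if (isset($_POST['VPSSignature']) && is_string($_POST['VPSSignature']) && hash_equals($sig, $_POST['VPSSignature'])) {`. The MD5 itself is presumably dictated by the gateway protocol, so the comparison is the part this file controls. The construction of `$sig` and `$skcode` starts above the visible lines, so which fields the signature covers could not be checked here.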