public static function validateTransactionResult_POST($szMerchantID, $szPassword, $szPreSharedKey, $szHashMethod, $aPostVariables, &$trTransactionResult, &$szValidateErrorMessage) { $boErrorOccurred = false; $szValidateErrorMessage = ""; $trTransactionResult = null; // read the transaction result variables from the post variable list if (!PaymentFormHelper::getTransactionResultFromPostVariables($aPostVariables, $trTransactionResult, $szHashDigest, $szOutputMessage)) { $boErrorOccurred = true; $szValidateErrorMessage = $szOutputMessage; } else { // now need to validate the hash digest $szStringToHash = PaymentFormHelper::generateStringToHash2($szMerchantID, $szPassword, $trTransactionResult, $szPreSharedKey, $szHashMethod); $szCalculatedHashDigest = PaymentFormHelper::calculateHashDigest($szStringToHash, $szPreSharedKey, $szHashMethod); // does the calculated hash match the one that was passed? if (strToUpper($szHashDigest) != strToUpper($szCalculatedHashDigest)) { $boErrorOccurred = true; $szValidateErrorMessage = "Hash digests don't match - possible variable tampering"; } else { $boErrorOccurred = false; } } return !$boErrorOccurred; }