<?php

// Example: handing a payment over to a Payment Service Provider (PSP)
// through the standardized payment interface (PSPI). The same calls
// work for any application and any supported provider; DIBS is used here.

require_once dirname(__FILE__) . "/../../PSPInterface.php";

// Order details.
// NOTE(review): $amount is presumably expressed in the smallest currency
// unit (10 would then be DKK 0.10) - confirm against the PSPI documentation.
$orderId = "1041";
$amount = 10;
$currency = "DKK";

// Neither URL may carry query string parameters.
// TransactionId, OrderId, Amount, and Currency are delivered to
// CustomCallback.php in the POST body instead.
$continueUrl = PSP::GetProviderUrl("DIBS") . "/Test/ThanksPage.php";
$callbackUrl = PSP::GetProviderUrl("DIBS") . "/Test/CustomCallback.php";

// Resolve the provider and send the customer to its payment form.
$paymentProvider = PSP::GetPaymentProvider("DIBS");
$paymentProvider->RedirectToPaymentForm(
	$orderId,
	$amount,
	$currency,
	$continueUrl,
	$callbackUrl
);
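<?php

// Receives the response from DIBS and forwards it to the application
// in a standardized way.

// The callback is requested directly by the Payment Service Provider,
// so PSPInterface.php has to be loaded here.
require_once dirname(__FILE__) . "/../PSPInterface.php";

// A request is treated as coming from DIBS only when it originates from this
// one hard-coded address.
// NOTE(review): REMOTE_ADDR is the address of the connecting peer. Behind a
// reverse proxy that is the proxy, and the provider's address may change -
// confirm both for the deployment.
if ($_SERVER["REMOTE_ADDR"] === "85.236.67.1")
{
	$config = PSP::GetConfig("DIBS");

	// Every field below ends up in the checksum, the log entry or the callback
	// arguments, so each must be present and a plain string (PHP turns a
	// parameter such as "amount[]=1" into an array).
	foreach (array("transact", "orderid", "amount", "currency", "CUSTOM_Callback") as $field)
	{
		if (isset($_POST[$field]) === false || is_string($_POST[$field]) === false)
		{
			throw new Exception("SecurityException: Missing or malformed callback field '" . $field . "'");
		}
	}

	// Checksum (if keys are configured).
	// When the keys are NOT configured no integrity check takes place, and the
	// address test above is the only thing authenticating the request.
	$checksum = "";

	if (isset($config["Encryption Key 1"]) && $config["Encryption Key 1"] !== "" && isset($config["Encryption Key 2"]) && $config["Encryption Key 2"] !== "")
	{
		$k1 = $config["Encryption Key 1"];
		$k2 = $config["Encryption Key 2"];

		// The nested MD5 construction is the provider's authkey format, not a
		// choice made here. The last separator must be "&currency=".
		$checksum = md5($k2 . md5($k1 . "transact=" . $_POST["transact"] . "&amount=" . $_POST["amount"] . "&currency=" . $_POST["currency"]));

		// A missing or non-string authkey is a mismatch. hash_equals() compares in
		// constant time so response timing reveals nothing about the expected
		// value (requires PHP 5.6 or later).
		if (isset($_POST["authkey"]) === false || is_string($_POST["authkey"]) === false || hash_equals($checksum, $_POST["authkey"]) === false)
		{
			throw new Exception("SecurityException: Integrity check failed - mismatching checksums");
		}
	}

	// Invoke the application callback specified in RedirectToPaymentForm(..),
	// using PSP::InvokeCallback(..) which implements security measures
	// to prevent man-in-the-middle attacks.
	// NOTE(review): the authkey covers transact, amount and currency only.
	// orderid and CUSTOM_Callback are not part of it, so their integrity rests
	// on the checks inside PSP::InvokeCallback (not visible in this file).
	// NOTE(review): the logged values come from the request and may contain
	// line breaks - confirm PSP::Log neutralizes them.

	PSP::Log("DIBS - invoking callback:\nTransactionId: " . $_POST["transact"] . "\nOrderId: " . $_POST["orderid"] . "\nAmount: " . $_POST["amount"] . "\nCurrency: " . $_POST["currency"]);
	PSP::InvokeCallback($_POST["CUSTOM_Callback"], $_POST["transact"] . ";" . $_POST["orderid"], $_POST["orderid"], (int) $_POST["amount"], $_POST["currency"]);
}
else
{
	// Any other requester (e.g. the customer's browser returning from the
	// payment window) is sent on to the continue URL.
	// NOTE(review): the target is taken straight from the request. Unless
	// PSP::RedirectToContinueUrl restricts destinations (not visible here), a
	// visitor can be sent to an arbitrary site - confirm it validates the URL.
	if (isset($_POST["CUSTOM_ContinueUrl"]) === true && is_string($_POST["CUSTOM_ContinueUrl"]) === true)
	{
		PSP::RedirectToContinueUrl($_POST["CUSTOM_ContinueUrl"]);
	}
}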
/**
 * Loads the currency table on first use and builds the inverse lookup.
 *
 * self::$currencies receives the $currencies array provided by
 * Currencies.php; self::$numCurrencies maps each value of that array
 * back to its key. Later calls return immediately.
 */
private static function ensureCurrencies()
{
	if (self::$currencies !== null)
	{
		return; // Already loaded
	}

	// Currencies.php is expected to define $currencies in this scope.
	// NOTE(review): with require_once, an earlier include of the same file
	// elsewhere would leave $currencies undefined here - confirm this is the
	// only place it is loaded.
	require_once dirname(__FILE__) . "/Currencies.php";

	$inverse = array();

	foreach ($currencies as $original => $mapped)
	{
		$inverse[$mapped] = $original;
	}

	self::$currencies = $currencies;
	self::$numCurrencies = $inverse;
}
if ($order["State"] !== "Initial") { header("HTTP/1.1 500 Internal Server Error"); echo "Order with ID '" . $orderId . "' has already been processed"; exit; } $amount = (int) round(((double) $order["Price"] + (double) $order["Vat"]) * 100); // Amount in smallest possible unit (e.g. USD 10095 = USD 100.95) $currency = $order["Currency"]; $continueUrl = SMEnvironment::GetExternalUrl(); $continueUrl .= SMAttributes::GetAttribute("SMShopReceiptPage") !== null && SMAttributes::GetAttribute("SMShopReceiptPage") !== "" ? "/" . SMAttributes::GetAttribute("SMShopReceiptPage") : ""; $callbackUrl = SMEnvironment::GetExternalUrl() . "/" . SMExtensionManager::GetCallbackUrl(SMExtensionManager::GetExecutingExtension(), "Callbacks/Payment") . "&PaymentOperation=Auth"; $p = PSP::GetPaymentProvider($order["PaymentMethod"]); $p->RedirectToPaymentForm($orderId, $amount, $currency, $continueUrl, $callbackUrl); } else { if ($operation === "Auth") { $data = PSP::GetCallbackData(); // Securely obtain data passed to callback $transactionId = $data["TransactionId"]; // String $orderId = $data["OrderId"]; // String //$amount = $data["Amount"]; // Integer //$currency = $data["Currency"]; // String $order = getOrder($orderId); $order["TransactionId"] = $transactionId; $order["State"] = "Authorized"; $ds = new SMDataSource("SMShopOrders"); $ds->Lock(); $ds->Update($order, "Id = '" . $ds->Escape($order["Id"]) . "'"); $ds->Commit(); }
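/**
 * Sends a Capture or Cancel request for a transaction to the DIBS API.
 *
 * @param string $type          "Capture" or "Cancel"
 * @param string $transactionId Combined identifier "<DIBS transaction ID>;<order ID>"
 * @param int    $amount        Amount to capture; only sent (and signed) for "Capture"
 * @return bool True when the response contains "status=ACCEPTED", otherwise false
 * @throws Exception If $type is not a supported operation
 */
private function apiCall($type, $transactionId, $amount = -1)
{
	// Reject unknown operations up front instead of posting to a null URL.
	if ($type !== "Capture" && $type !== "Cancel")
	{
		throw new Exception("Unsupported DIBS API call type '" . $type . "'");
	}

	// Split on the first ";" only, so an order ID that itself contains ";"
	// is restored unchanged.
	$transactionInfo = explode(";", $transactionId, 2);

	if (count($transactionInfo) !== 2)
	{
		PSP::Log("DIBS - API call aborted: malformed transaction ID\nType: " . $type);
		return false;
	}

	$transactionId = $transactionInfo[0];
	$orderId = $transactionInfo[1];

	$cfg = PSP::GetConfig("DIBS");

	// The request is signed only when both keys are configured; otherwise
	// "md5key" is sent empty. The nested MD5 construction is the provider's
	// format, not a choice made here.
	$checksum = "";

	if (isset($cfg["Encryption Key 1"]) && $cfg["Encryption Key 1"] !== "" && isset($cfg["Encryption Key 2"]) && $cfg["Encryption Key 2"] !== "")
	{
		$check = "";
		$check .= "merchant=" . $cfg["Merchant ID"];
		$check .= "&orderid=" . $orderId;
		$check .= "&transact=" . $transactionId;

		if ($type === "Capture")
		{
			$check .= "&amount=" . $amount;
		}

		$checksum = md5($cfg["Encryption Key 2"] . md5($cfg["Encryption Key 1"] . $check));
	}

	$data = array
	(
		"merchant" => $cfg["Merchant ID"],
		"transact" => $transactionId,
		"orderid" => $orderId,
		"md5key" => $checksum
	);

	if ($type === "Capture")
	{
		$data["amount"] = (string) $amount;
		$url = "https://payment.architrade.com/cgi-bin/capture.cgi";
	}
	else
	{
		// Cancel authenticates with the API user in the URL's userinfo part.
		// Both values are percent-encoded so that characters such as "@", ":"
		// or "/" in a password cannot change which host the request goes to.
		// NOTE(review): assumes the HTTP client behind PSP::Post decodes
		// userinfo - confirm. This URL contains credentials and must never be
		// written to the log.
		$url = "https://" . rawurlencode($cfg["API User: Username"]) . ":" . rawurlencode($cfg["API User: Password"]) . "@payment.architrade.com/cgi-adm/cancel.cgi";
	}

	$response = PSP::Post($url, $data);

	// Anything that is not a string (e.g. a failed request) counts as a failure.
	$result = is_string($response) === true && strpos($response, "status=ACCEPTED") !== false;

	PSP::Log("DIBS - API call result: " . "\nType: " . $type . "\nSuccess: " . ($result === true ? "true" : "false") . "\nResponse: " . $response);

	return $result;
}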