// Step 2: PSP invokes callback to let us know payment was received. $operation = SMEnvironment::GetQueryValue("PaymentOperation"); if ($operation === null) { $orderId = SMEnvironment::GetQueryValue("OrderId"); $order = getOrder($orderId); if ($order["State"] !== "Initial") { header("HTTP/1.1 500 Internal Server Error"); echo "Order with ID '" . $orderId . "' has already been processed"; exit; } $amount = (int) round(((double) $order["Price"] + (double) $order["Vat"]) * 100); // Amount in smallest possible unit (e.g. USD 10095 = USD 100.95) $currency = $order["Currency"]; $continueUrl = SMEnvironment::GetExternalUrl(); $continueUrl .= SMAttributes::GetAttribute("SMShopReceiptPage") !== null && SMAttributes::GetAttribute("SMShopReceiptPage") !== "" ? "/" . SMAttributes::GetAttribute("SMShopReceiptPage") : ""; $callbackUrl = SMEnvironment::GetExternalUrl() . "/" . SMExtensionManager::GetCallbackUrl(SMExtensionManager::GetExecutingExtension(), "Callbacks/Payment") . "&PaymentOperation=Auth"; $p = PSP::GetPaymentProvider($order["PaymentMethod"]); $p->RedirectToPaymentForm($orderId, $amount, $currency, $continueUrl, $callbackUrl); } else { if ($operation === "Auth") { $data = PSP::GetCallbackData(); // Securely obtain data passed to callback $transactionId = $data["TransactionId"]; // String $orderId = $data["OrderId"]; // String //$amount = $data["Amount"]; // Integer //$currency = $data["Currency"]; // String $order = getOrder($orderId); $order["TransactionId"] = $transactionId; $order["State"] = "Authorized";