if (isset($_POST['FraudResponse'])) {
$sig .= $_POST['FraudResponse'];
}
if (isset($_POST['BankAuthCode'])) {
$sig .= $_POST['BankAuthCode'];
}
$sig = strtoupper(md5($sig));
if ($_POST['VPSSignature'] == $sig) {
if ($_POST['Status'] == 'OK' || $_POST['Status'] == 'AUTHENTICATED' || $_POST['Status'] == 'REGISTERED') {
$transaction_details_string = '';
foreach ($transaction_details as $k => $v) {
$transaction_details_string .= $k . ': ' . $v . "\n";
}
$transaction_details_string = tep_db_prepare_input($transaction_details_string);
tep_db_query('update sagepay_server_securitykeys set verified = 1, transaction_details = "' . tep_db_input($transaction_details_string) . '" where code = "' . tep_db_input($skcode) . '"');
$result = 'Status=OK' . chr(13) . chr(10) . 'RedirectURL=' . $sage_pay_server->formatURL(tep_href_link(FILENAME_CHECKOUT_PROCESS, 'check=PROCESS&skcode=' . $skcode, 'SSL', false));
} else {
$error = isset($_POST['StatusDetail']) ? $sage_pay_server->getErrorMessageNumber($_POST['StatusDetail']) : null;
if (MODULE_PAYMENT_SAGE_PAY_SERVER_PROFILE_PAGE == 'Normal') {
$error_url = tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $sage_pay_server->code . (tep_not_null($error) ? '&error=' . $error : ''), 'SSL', false);
} else {
$error_url = tep_href_link('ext/modules/payment/sage_pay/redirect.php', 'payment_error=' . $sage_pay_server->code . (tep_not_null($error) ? '&error=' . $error : ''), 'SSL', false);
}
$result = 'Status=OK' . chr(13) . chr(10) . 'RedirectURL=' . $sage_pay_server->formatURL($error_url);
tep_db_query('delete from sagepay_server_securitykeys where code = "' . tep_db_input($skcode) . '"');
$sage_pay_server->sendDebugEmail();
}
} else {
$result = 'Status=INVALID' . chr(13) . chr(10) . 'RedirectURL=' . $sage_pay_server->formatURL(tep_href_link(FILENAME_SHOPPING_CART, '', 'SSL', false));
$sage_pay_server->sendDebugEmail();
}
if (isset($_POST['FraudResponse'])) {
$sig .= $_POST['FraudResponse'];
}
if (isset($_POST['BankAuthCode'])) {
$sig .= $_POST['BankAuthCode'];
}
$sig = strtoupper(md5($sig));
if ($_POST['VPSSignature'] == $sig) {
if ($_POST['Status'] == 'OK' || $_POST['Status'] == 'AUTHENTICATED' || $_POST['Status'] == 'REGISTERED') {
$transaction_details_string = '';
foreach ($transaction_details as $k => $v) {
$transaction_details_string .= $k . ': ' . $v . "\n";
}
$transaction_details_string = HTML::sanitize($transaction_details_string);
$OSCOM_Db->save('sagepay_server_securitykeys', ['verified' => 1, 'transaction_details' => $transaction_details_string], ['code' => $skcode]);
$result = 'Status=OK' . chr(13) . chr(10) . 'RedirectURL=' . $sage_pay_server->formatURL(OSCOM::link('checkout_process.php', 'check=PROCESS&skcode=' . $skcode, false));
} else {
$error = isset($_POST['StatusDetail']) ? $sage_pay_server->getErrorMessageNumber($_POST['StatusDetail']) : null;
if (MODULE_PAYMENT_SAGE_PAY_SERVER_PROFILE_PAGE == 'Normal') {
$error_url = OSCOM::link('checkout_payment.php', 'payment_error=' . $sage_pay_server->code . (tep_not_null($error) ? '&error=' . $error : ''), false);
} else {
$error_url = OSCOM::link('ext/modules/payment/sage_pay/redirect.php', 'payment_error=' . $sage_pay_server->code . (tep_not_null($error) ? '&error=' . $error : ''), false);
}
$result = 'Status=OK' . chr(13) . chr(10) . 'RedirectURL=' . $sage_pay_server->formatURL($error_url);
$OSCOM_Db->delete('sagepay_server_securitykeys', ['code' => $skcode]);
$sage_pay_server->sendDebugEmail();
}
} else {
$result = 'Status=INVALID' . chr(13) . chr(10) . 'RedirectURL=' . $sage_pay_server->formatURL(OSCOM::link('shopping_cart.php', '', false));
$sage_pay_server->sendDebugEmail();
}
