
Problems for Setting up ANS marketplace


tavomtorres93

Hi Everyone.

I have a problem with this variable:

$myMPHash = $_SERVER['HTTP_X_ANS_VERIFY_HASH'];

It gives me the following error: Undefined Index HTTP_X_ANS_VERIFY_HASH.

And that's why I cannot do the verification with my salt code. Can someone help me with this? Maybe the name of the variable is outdated? I appreciate your answers.

 

<?php 
// This is your ANS php page 
// This file name MUST be linked to your marketplace store in order for this to work!!
// When you set the URL of your ANS/SLM Processor in the Merchant ANS Configuration, a Salt Code will be generated and displayed.
//error_reporting(E_ALL);  //uncomment this for debugging

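$myMPSalt = "HERE ME SALT CODE"; // Salt code from MP. Treat the real value as a secret: do not post or commit it.

// Fail closed: the request stays rejected unless the hash check below succeeds.
$isValid = false;

// PHP exposes the X-ANS-Verify-Hash request header as HTTP_X_ANS_VERIFY_HASH.
// The key only exists when the caller actually sent that header, so a request
// without it (for example, opening this page directly in a browser) used to
// raise "Undefined index". Default to an empty string instead.
$myMPHash = isset($_SERVER['HTTP_X_ANS_VERIFY_HASH']) ? (string) $_SERVER['HTTP_X_ANS_VERIFY_HASH'] : '';
$myQueryString = isset($_SERVER['QUERY_STRING']) ? (string) $_SERVER['QUERY_STRING'] : '';

// Expected value: SHA-1 over the raw query string followed by the salt.
$myCalcHash = sha1($myQueryString . $myMPSalt);

// hash_equals() compares the two values as strings and in constant time.
// The loose == operator would treat numeric-looking strings such as "0e123"
// and "0e456" as equal, and a missing header must never validate.
if ($myMPHash !== '' && hash_equals($myCalcHash, $myMPHash)) {
    $isValid = true;
}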

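// Store one verified ANS notification in the database.
// $isValid is set by the hash check earlier in this script; nothing below runs
// for a request whose hash did not verify.
if ($isValid) {

    if (isset($_GET['TransactionID'])) {

        $myServer = "my server";    // Your database server
        $myUser   = "my user";             // Your database username
        $myPass   = "my  pass";             // Your database pass
        $myDB     = "my databasename";   // Your database name

        // Report mysqli failures through return values on every PHP version
        // (PHP 8.1+ throws exceptions by default), so the checks below apply.
        mysqli_report(MYSQLI_REPORT_OFF);

        // The original passed the undefined constants SERVER, USER, PASSWORD and
        // DB_NAME here instead of the variables configured above.
        $conexion = @mysqli_connect($myServer, $myUser, $myPass, $myDB);
        if (!$conexion) {
            // Keep connection details in the server log, not in the HTTP response.
            error_log('ANS: database connection failed: ' . mysqli_connect_error());
            die('Could not connect to Database');
        }

        if (!function_exists('clean')) {
            /**
             * Trim a request value to the size of its target column.
             *
             * $type is a column spec such as "varchar(100)" or "int(10)": the value is
             * cut to the length in parentheses and cast to int when the type is "int".
             * A non-empty $no_tags strips HTML tags first. No SQL escaping is done
             * here, because the values are bound as statement parameters below;
             * escaping them as well would store the backslashes.
             * Note: if a function named clean() already exists, that one is used
             * instead, and it should not escape its input either.
             */
            function clean($input, $type = "", $no_tags = "") {
                // Array-valued parameters (?ItemName[]=x) are not valid field values.
                if (!is_scalar($input)) {
                    return "";
                }
                $input = (string) $input;
                if ($no_tags != "") {
                    $input = trim(strip_tags($input));
                }
                if ($type != "" && strpos($type, "(") !== false) {
                    $split = explode("(", $type);
                    $type  = $split[0];
                    $limit = str_replace(")", "", $split[1]);
                    if (is_numeric($limit)) {
                        $input = (string) substr($input, 0, (int) $limit);
                        if ($type == "int") {
                            $input = (int) $input;
                        }
                    }
                }
                return $input;
            }
        }

        if (!function_exists('reverb')) {
            /** HTML-encode a value before it is echoed back in the response. */
            function reverb($value) {
                return htmlspecialchars(stripslashes((string) $value), ENT_QUOTES, 'UTF-8');
            }
        }

        date_default_timezone_set("America/Los_Angeles");
        $TimeStamp     = gmdate('l, F j, Y h:i:s A', time());
        $TransactionID = clean($_GET['TransactionID'], "bigint(20)");
        $ItemID        = isset($_GET['ItemID']) ? clean($_GET['ItemID'], "int(10)") : "";
        $ItemName      = isset($_GET['ItemName']) ? clean($_GET['ItemName'], "varchar(100)") : "";
        $PayerName     = isset($_GET['PayerName']) ? clean($_GET['PayerName'], "varchar(100)") : "";
        $PayerKey      = isset($_GET['PayerKey']) ? clean($_GET['PayerKey'], "varchar(36)") : "";
        $ReceiverName  = isset($_GET['ReceiverName']) ? clean($_GET['ReceiverName'], "varchar(100)") : "";
        $ReceiverKey   = isset($_GET['ReceiverKey']) ? clean($_GET['ReceiverKey'], "varchar(36)") : "";
        $MerchantName  = isset($_GET['MerchantName']) ? clean($_GET['MerchantName'], "varchar(100)") : "";
        $MerchantKey   = isset($_GET['MerchantKey']) ? clean($_GET['MerchantKey'], "varchar(36)") : "";
        $PaymentGross  = isset($_GET['PaymentGross']) ? clean($_GET['PaymentGross'], "varchar(12)") : "";
        $InventoryName = isset($_GET['InventoryName']) ? clean($_GET['InventoryName'], "varchar(100)") : "";
        $PaymentFee    = isset($_GET['PaymentFee']) ? clean($_GET['PaymentFee'], "varchar(12)") : "";
        $Date          = gmdate("Y/m/d");

        // Values travel as bound parameters, never as part of the SQL text.
        // The original built the statement by string concatenation through
        // mysqli_real_escape_string() called without a connection, which does not
        // return the escaped value.
        $query = 'REPLACE INTO sl_marketplace_ans (
           `TimeStamp`,
           `TransactionID`,
           `ItemID`,
           `ItemName`,
           `PayerName`,
           `PayerKey`,
           `ReceiverName`,
           `ReceiverKey`,
           `MerchantName`,
           `MerchantKey`,
           `PaymentGross`,
           `InventoryName`,
           `PaymentFee`,
           `Date`
        ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)';

        $result = false;
        $stmt = mysqli_prepare($conexion, $query);
        if ($stmt) {
            // Every column was written as a quoted string before, so bind all 14 as strings.
            mysqli_stmt_bind_param(
                $stmt,
                'ssssssssssssss',
                $TimeStamp,
                $TransactionID,
                $ItemID,
                $ItemName,
                $PayerName,
                $PayerKey,
                $ReceiverName,
                $ReceiverKey,
                $MerchantName,
                $MerchantKey,
                $PaymentGross,
                $InventoryName,
                $PaymentFee,
                $Date
            );
            $result = mysqli_stmt_execute($stmt);
            if (!$result) {
                error_log('ANS: saving the transaction failed: ' . mysqli_stmt_error($stmt));
            }
            mysqli_stmt_close($stmt);
        } else {
            error_log('ANS: preparing the insert failed: ' . mysqli_error($conexion));
        }

        // Only a generic status reaches the client. The query text and the MySQL
        // error are written to the server log above; the original dumped the
        // full query into the response on every request.
        if ($result) {
            $db_message = '<p class="db_success">Successfully saved <b>TransactionID : '.reverb($TransactionID).'</b> to the database!!</p>';
        } else {
            $db_message = '<p class="db_error">Error saving <b>TransactionID : '.reverb($TransactionID).'</b> to the database!!</p>';
        }
        echo $db_message;

        mysqli_close($conexion);

    }//end if isset TransactionID
}//end if is Valid
else
{
    // Record rejected requests so repeated failures show up in the server log.
    error_log('ANS: hash verification failed for request from ' . (isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : 'unknown'));
    $ANS_error = '<p class="ans_fail">Hash calculation <b>Failed!</b> Check Your Salt Code!!</p>';
    echo $ANS_error;
}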


 ?>