Jump to content

tavomtorres93

Resident
  • Content Count

    6
  • Joined

  • Last visited

Community Reputation

0 Neutral

1 Follower

About tavomtorres93

  • Rank
    Newbie

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Hi Everyone. I have a problem with this variable: $ myMPHash = $ _SERVER ['HTTP_X_ANS_VERIFY_HASH'] ;. It gives me the following error: Undefined Index HTTP_X_ANS_VERIFY_HASH. And that's why I can not do the verification with my salt code. Can someone help me with this? Maybe the name of the variable is old? I appreciate your answers. <?php // This is your ANS php page // This file name MUST be linked to your marketplace store in order for this to work!! // When you set the URL of your ANS/SLM Processor in the Merchant ANS Configuration, a Salt Code will be generated and displayed. //error_reporting(E_ALL); //uncomment this for debugging $myMPSalt = "HERE ME SALT CODE"; // Salt code from MP $isValid = false; $myMPHash = $_SERVER['HTTP_X_ANS_VERIFY_HASH']; $myCalcHash = sha1($_SERVER['QUERY_STRING'] . $myMPSalt); if ($myMPHash == $myCalcHash) { $isValid = true; } if ($isValid) { if (isset($_GET['TransactionID'])) { $myServer = "my server"; // Your database server $myUser = "my user"; // Your database username $myPass = "my pass"; // Your database pass $myDB = "my databasename"; // Your database name $conexion = @mysqli_connect(SERVER, USER, PASSWORD, DB_NAME) OR die('Could not connect to Database' . mysqli_connect_error()); if (!function_exists('sql_val')) { function sql_val( $input ) { if ( get_magic_quotes_gpc() ) { $input = stripslashes( $input ); } //get_magic_quotes_gpc() return ( "'" . mysqli_real_escape_string( $input ) . "'" ); } } //end function not exist if ( !function_exists( 'clean' ) ) { function clean( $input, $type="", $no_tags="" ) { if ($no_tags != "") { $input = trim(strip_tags($input)); } if ($type != "") { if (strlen(strstr($type,"("))>0) { $split = explode("(", $type); $type = $split['0']; $limit = str_replace(")", "", $split['1']); if (is_numeric($limit)){ if ( ($type == "int") && (!is_int($input)) ) { $input = (int)substr($input, 0, $limit); } else { $input = substr($input, 0, $limit); } } } } if ( get_magic_quotes_gpc() ) { $input = stripslashes( $input ); } if ( @mysql_ping() != "" ) { $input = mysqli_real_escape_string( $input ); } else { $search = array("\x00", "\n", "\r", "\\", "'", '"', "\x1a"); $replace = array("\\x00", "\\n", "\\r", "\\\\" ,"\'", '\"', "\\x1a"); $input = str_replace($search, $replace, $input); } return $input; } //end function } //end function not exist if (!function_exists('reverb')) { function reverb($value) { return htmlspecialchars(stripslashes($value)); } }//end functin not exists if (!function_exists('print_x')) { function print_x($value) { echo '<pre>'; print_r($value); echo '</pre>'; } }//end functin not exists date_default_timezone_set("America/Los_Angeles"); $TimeStamp = gmdate('l, F j, Y h:i:s A', time()); $TransactionID = isset($_GET['TransactionID']) ? clean($_GET['TransactionID'], "bigint(20)") : ""; $ItemID = isset($_GET['ItemID']) ? clean($_GET['ItemID'], "int(10)") : ""; $ItemName = isset($_GET['ItemName']) ? clean($_GET['ItemName'], "varchar(100)") : ""; $PayerName = isset($_GET['PayerName']) ? clean($_GET['PayerName'], "varchar(100)") : ""; $PayerKey = isset($_GET['PayerKey']) ? clean($_GET['PayerKey'], "varchar(36)") : ""; $ReceiverName = isset($_GET['ReceiverName']) ? clean($_GET['ReceiverName'], "varchar(100)") : ""; $ReceiverKey = isset($_GET['ReceiverKey']) ? clean($_GET['ReceiverKey'], "varchar(36)") : ""; $MerchantName = isset($_GET['MerchantName']) ? clean($_GET['MerchantName'], "varchar(100)") : ""; $MerchantKey = isset($_GET['MerchantKey']) ? clean($_GET['MerchantKey'], "varchar(36)") : ""; $PaymentGross = isset($_GET['PaymentGross']) ? clean($_GET['PaymentGross'], "varchar(12)") : ""; $InventoryName = isset($_GET['InventoryName']) ? clean($_GET['InventoryName'], "varchar(100)") : ""; $PaymentFee = isset($_GET['PaymentFee']) ? clean($_GET['PaymentFee'], "varchar(12)") : ""; $Date = gmdate("Y/m/d"); $query = 'REPLACE INTO sl_marketplace_ans ( `TimeStamp`, `TransactionID`, `ItemID`, `ItemName`, `PayerName`, `PayerKey`, `ReceiverName`, `ReceiverKey`, `MerchantName`, `MerchantKey`, `PaymentGross`, `InventoryName`, `PaymentFee`, `Date` ) VALUES ( '.sql_val($TimeStamp).', '.sql_val($TransactionID).', '.sql_val($ItemID).', '.sql_val($ItemName).', '.sql_val($PayerName).', '.sql_val($PayerKey).', '.sql_val($ReceiverName).', '.sql_val($ReceiverKey).', '.sql_val($MerchantName).', '.sql_val($MerchantKey).', '.sql_val($PaymentGross).', '.sql_val($InventoryName).', '.sql_val($PaymentFee).', '.sql_val($Date).' )'; /*<!-- depending on how you want to display errors, comment or uncomment the following -->*/ $result = mysqli_query($query) or $db_message = '<p class="db_error"><b>A fatal MySQL error occurred while trying to save <b>'.reverb($_GET['TransactionID']).'</b> to the database.</b><br />Query: '.$query.'<br />Error: ('.mysqli_errno().') '.mysqli_error().'</p>'; if ($result) $db_message = '<p class="db_success">Successfully saved <b>TransactionID : '.reverb($_GET['TransactionID']).'</b> to the database!!</p>'; else $db_message = '<p class="db_error">Error saving <b>TransactionID : '.reverb($_GET['TransactionID']).'</b> to the database!!</p>'; print_x($query); /*<!-- end of error displays -->*/ if (isset($db_message)) echo $db_message; }//end if isset TransactionID }//end if is Valid else { //$isValid = false; $ANS_error = '<p class="ans_fail">Hash calculation <b>Failed!</b> Check Your Salt Code!!</p>'; echo $ANS_error; } ?>
  2. Hi Everyone. I have a problem with this variable: $ myMPHash = $ _SERVER ['HTTP_X_ANS_VERIFY_HASH'] ;. It gives me the following error: Undefined Index HTTP_X_ANS_VERIFY_HASH. And that's why I can not do the verification with my salt code. Can someone help me with this? Maybe the name of the variable is old? I appreciate your answers. <?php // This is your ANS php page // This file name MUST be linked to your marketplace store in order for this to work!!// When you set the URL of your ANS/SLM Processor in the Merchant ANS Configuration, a Salt Code will be generated and displayed.//error_reporting(E_ALL); //uncomment this for debugging$myMPSalt = "HERE ME SALT CODE"; // Salt code from MP$isValid = false;$myMPHash = $_SERVER['HTTP_X_ANS_VERIFY_HASH']; $myCalcHash = sha1($_SERVER['QUERY_STRING'] . $myMPSalt);if ($myMPHash == $myCalcHash) { $isValid = true;}if ($isValid) {if (isset($_GET['TransactionID'])) { $myServer = "my server"; // Your database server$myUser = "my user"; // Your database username$myPass = "my pass"; // Your database pass$myDB = "my databasename"; // Your database name$conexion = @mysqli_connect(SERVER, USER, PASSWORD, DB_NAME) OR die('Could not connect to Database' . mysqli_connect_error()); if (!function_exists('sql_val')) {function sql_val( $input ) { if ( get_magic_quotes_gpc() ) { $input = stripslashes( $input ); } //get_magic_quotes_gpc() return ( "'" . mysqli_real_escape_string( $input ) . "'" );}} //end function not existif ( !function_exists( 'clean' ) ) {function clean( $input, $type="", $no_tags="" ) { if ($no_tags != "") { $input = trim(strip_tags($input)); } if ($type != "") { if (strlen(strstr($type,"("))>0) { $split = explode("(", $type); $type = $split['0']; $limit = str_replace(")", "", $split['1']); if (is_numeric($limit)){ if ( ($type == "int") && (!is_int($input)) ) { $input = (int)substr($input, 0, $limit); } else { $input = substr($input, 0, $limit); } } } } if ( get_magic_quotes_gpc() ) { $input = stripslashes( $input ); } if ( @mysql_ping() != "" ) { $input = mysqli_real_escape_string( $input ); } else { $search = array("\x00", "\n", "\r", "\\", "'", '"', "\x1a"); $replace = array("\\x00", "\\n", "\\r", "\\\\" ,"\'", '\"', "\\x1a"); $input = str_replace($search, $replace, $input); } return $input;} //end function} //end function not existif (!function_exists('reverb')) {function reverb($value) { return htmlspecialchars(stripslashes($value));}}//end functin not existsif (!function_exists('print_x')) {function print_x($value) { echo '<pre>'; print_r($value); echo '</pre>';}}//end functin not existsdate_default_timezone_set("America/Los_Angeles");$TimeStamp = gmdate('l, F j, Y h:i:s A', time()); $TransactionID = isset($_GET['TransactionID']) ? clean($_GET['TransactionID'], "bigint(20)") : "";$ItemID = isset($_GET['ItemID']) ? clean($_GET['ItemID'], "int(10)") : "";$ItemName = isset($_GET['ItemName']) ? clean($_GET['ItemName'], "varchar(100)") : "";$PayerName = isset($_GET['PayerName']) ? clean($_GET['PayerName'], "varchar(100)") : "";$PayerKey = isset($_GET['PayerKey']) ? clean($_GET['PayerKey'], "varchar(36)") : "";$ReceiverName = isset($_GET['ReceiverName']) ? clean($_GET['ReceiverName'], "varchar(100)") : "";$ReceiverKey = isset($_GET['ReceiverKey']) ? clean($_GET['ReceiverKey'], "varchar(36)") : "";$MerchantName = isset($_GET['MerchantName']) ? clean($_GET['MerchantName'], "varchar(100)") : "";$MerchantKey = isset($_GET['MerchantKey']) ? clean($_GET['MerchantKey'], "varchar(36)") : "";$PaymentGross = isset($_GET['PaymentGross']) ? clean($_GET['PaymentGross'], "varchar(12)") : "";$InventoryName = isset($_GET['InventoryName']) ? clean($_GET['InventoryName'], "varchar(100)") : "";$PaymentFee = isset($_GET['PaymentFee']) ? clean($_GET['PaymentFee'], "varchar(12)") : "";$Date = gmdate("Y/m/d");$query = 'REPLACE INTO sl_marketplace_ans ( `TimeStamp`, `TransactionID`, `ItemID`, `ItemName`, `PayerName`, `PayerKey`, `ReceiverName`, `ReceiverKey`, `MerchantName`, `MerchantKey`, `PaymentGross`, `InventoryName`, `PaymentFee`, `Date` ) VALUES ( '.sql_val($TimeStamp).', '.sql_val($TransactionID).', '.sql_val($ItemID).', '.sql_val($ItemName).', '.sql_val($PayerName).', '.sql_val($PayerKey).', '.sql_val($ReceiverName).', '.sql_val($ReceiverKey).', '.sql_val($MerchantName).', '.sql_val($MerchantKey).', '.sql_val($PaymentGross).', '.sql_val($InventoryName).', '.sql_val($PaymentFee).', '.sql_val($Date).' )'; /*<!-- depending on how you want to display errors, comment or uncomment the following -->*/$result = mysqli_query($query) or $db_message = '<p class="db_error"><b>A fatal MySQL error occurred while trying to save <b>'.reverb($_GET['TransactionID']).'</b> to the database.</b><br />Query: '.$query.'<br />Error: ('.mysqli_errno().') '.mysqli_error().'</p>';if ($result) $db_message = '<p class="db_success">Successfully saved <b>TransactionID : '.reverb($_GET['TransactionID']).'</b> to the database!!</p>';else $db_message = '<p class="db_error">Error saving <b>TransactionID : '.reverb($_GET['TransactionID']).'</b> to the database!!</p>';print_x($query);/*<!-- end of error displays -->*/if (isset($db_message)) echo $db_message; }//end if isset TransactionID}//end if is Validelse{ //$isValid = false; $ANS_error = '<p class="ans_fail">Hash calculation <b>Failed!</b> Check Your Salt Code!!</p>'; echo $ANS_error;} ?>
×
×
  • Create New...