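macKeyAvvio;
        }
        else{
            $order = array("ORDERID", "SHOPID", "AUTHNUMBER", "AMOUNT", "CURRENCY", "TRANSACTIONID", "ACCOUNTINGMODE", "AUTHORMODE", "RESULT", "TRANSACTIONTYPE", "ISSUERCOUNTRY", "AUTHCODE", "PAYERID", "PAYER", "PAYERSTATUS", "HASHPAN", "PANALIASREV", "PANALIAS", "PANALIASEXPDATE", "PANALIASTAIL", "MASKEDPAN", "PANTAIL", "PANEXPIRYDATE", "ACCOUNTHOLDER", "IBAN", "ALIASSTR", "ACQUIRERBIN", "MERCHANTID", "CARDTYPE", "CHINFO");
            $key = $this->macKeyEsito;
        }
        $ordered = array();
        foreach($order as $o)
            if(isset($params[$o]))
                $ordered[] = $o."=".$params[$o];
        return hash_hmac("sha256", implode("&", $ordered), $key);
    }

    /**
     * Builds the signed parameter set for the payment request and returns the
     * HTML that posts it to the gateway.
     *
     * The amount is converted to an integer number of cents, the parameters
     * are signed with $this->mac($params, "out") and the result is stored in
     * the MAC field.
     *
     * @return string HTML ending with the output of autoSubmitForm()
     */
    function createForm(){
        $iAmount = round(floatval(str_replace(",", ".", $this->importo)) * 100);
        $params = array(
            "AMOUNT" => $iAmount,
            "CURRENCY" => $this->valuta,
            "ORDERID" => $this->uniqueID(50),
            "SHOPID" => $this->shopId,
            // Complete URL to which the user is to be redirected to go to the store
            // (it may include all the necessary parameters) in case the payment
            // process is cancelled.
            "URLBACK" => $this->Procedura->genera_link_agg(array($this->step_var=>"return_ko")),
            // URL the customer's browser comes back to; auto() handles it as the
            // "return_ok" step.
            "URLDONE" => $this->Procedura->genera_link_agg(array($this->step_var=>"return_ok")),
            // URL of the server-to-server notification; auto() handles it as the
            // "s2s" step, the only place where the MAC is verified.
            "URLMS" => $this->Procedura->genera_link_agg(array($this->step_var=>"s2s")),
            "ACCOUNTINGMODE" => "I",
            "AUTHORMODE" => "I",
            "LANG" => $this->lingua,
            "EMAIL" => $this->cliente_email,
            // "ORDDESCR" => substr($this->descrizione, 0, 140),
            // Disabled: some characters block the operation although the
            // documentation says nothing about it, and the description is not
            // displayed even with option "V" set.
            // R - The MAC is calculated and sent to URLMS and URLDONE even if the
            // result is negative. Rules for MAC attribution are the same used for
            // the positive case.
            "OPTIONS" => "R",
        );
        $url = "https://atpos".($this->demo?"test":"").".ssb.it/atpos/pagamenti/main?PAGE=LAND";
        $params['MAC'] = $this->mac($params, "out");

        // NOTE(review): in this copy of the file the markup inside the literals
        // below is missing (they hold only a line break or nothing), which is why
        // $url, $k and $v look unused. Where the hidden fields are emitted, names
        // and values should pass through htmlspecialchars($x, ENT_QUOTES): nothing
        // visible here escapes EMAIL or the generated URLs before they reach HTML.
        $html = "\n";
        foreach($params as $k => $v){
            $html .= '';
        }
        $html .= '';
        $html .= "\n";

        // Debug switch: false prints the escaped form source above the form
        // instead of auto-submitting it.
        $autoSubmit = true;
        if($autoSubmit){
            $html .= $this->autoSubmitForm('form_pagamento_tnx');
        }
        else{
            $html = nl2br($this->Procedura->htmlentities($html)).$html;
        }
        return $html;
    }

    /**
     * Entry point of the payment method: dispatches on $_GET[$this->step_var].
     *
     *  - "return_ok": returns $this->Procedura->concluso()
     *  - "return_ko": returns $this->Procedura->annulla()
     *  - "s2s":       verifies the MAC of the gateway notification, records the
     *                 outcome, then clears the output and terminates the request
     *  - anything else (including a missing step): marks the procedure as
     *    started and returns the payment form
     *
     * @return mixed whatever the selected Procedura call or createForm() returns;
     *               the "s2s" step does not return
     */
    function auto(){
        $this->indiLingua();
        if($this->demo){
            // Test-environment credentials. NOTE(review): while demo is on, the
            // keys that sign requests and verify notifications are the values
            // written in this file, so a MAC proves nothing to anyone who can
            // read the source. demo must never be enabled on a live shop, and
            // production keys belong in configuration outside the source tree.
            $this->shopId = '190930123010543';
            $this->macKeyAvvio = 'eXDwpnD89-RbUCJm-8ugtLr-aRj-SCHtyaPcd4pBE-X-7K-uAE3MrZP-b4QcNmjt--hM-gSjk7zs-cTc-WDSgcr8k-phW9HgzZVb';
            $this->macKeyEsito = '-bQy-pJ-4mW-s4unZAh-ph5YQsmmp4PjUkzSJ6-pGnj3dLN37mAqyLg-kxdu-M-Uf-D-y--n-5BTJATTUzn-q6-Et--ap3qCQe-Q';
        }
        // floatval() keeps number_format() from receiving a non-numeric string.
        $this->importo = number_format(floatval(str_replace(",", ".", $this->importo)), 2, ",", "");

        // A missing or array-valued step falls through to the default branch
        // without raising an undefined-index notice.
        $step = (isset($_GET[$this->step_var]) && is_string($_GET[$this->step_var])) ? $_GET[$this->step_var] : '';

        switch($step){
            case 'return_ok':
                // NOTE(review): this URL is reached by the customer's browser and
                // the MAC the gateway appends is not checked here. Confirm that
                // concluso() only shows a landing page and that the order is marked
                // paid exclusively by the verified "s2s" step below.
                return $this->Procedura->concluso();

            case 'return_ko':
                return $this->Procedura->annulla();

            case 's2s':
                // Everything in the query string is untrusted until the MAC check
                // passes. Array-valued parameters (?X[]=...) cannot be part of a
                // genuine notification and are dropped instead of being passed to
                // stripslashes().
                // NOTE(review): unconditional stripslashes() only makes sense with
                // magic quotes enabled; without them a value containing a backslash
                // is altered before the MAC is computed and verification fails.
                $params = array();
                foreach($_GET as $k => $v){
                    if(is_string($v)){
                        $params[$k] = stripslashes($v);
                    }
                }

                // NOTE(review): the order id is resolved before the MAC is checked
                // and is used in the failure branch too, so an unauthenticated
                // request can attach a log entry to the order it names.
                $orderId = (isset($_GET['ORDERID']) && is_string($_GET['ORDERID'])) ? $_GET['ORDERID'] : null;
                $identificativo = $this->identificativoFromUniqueID($orderId);

                // Constant-time, type-strict comparison (hash_equals, PHP >= 5.6).
                // A loose == on two hex digests treats strings such as "0e12..."
                // and "0e34..." as equal numbers and leaks timing information.
                $receivedMac = (isset($_GET["MAC"]) && is_string($_GET["MAC"])) ? $_GET["MAC"] : '';
                $expectedMac = $this->mac($params, 'in');

                if($receivedMac !== '' && hash_equals($expectedMac, $receivedMac)){
                    $results = array(
                        "00" => "Success",
                        "01" => "Denied by system",
                        "02" => "Denied due to store configuration issues",
                        "03" => "Denied due to communication issues with the authorization circuits",
                        "04" => "Denied by card issuer",
                        "05" => "Denied due to incorrect card number",
                        "06" => "Unforeseen error during processing of request",
                        "07" => "Duplicated order",
                    );
                    // Missing or unknown fields are logged as empty text rather than
                    // raising undefined-index notices.
                    $code = isset($params["RESULT"]) ? $params["RESULT"] : '';
                    $label = isset($results[$code]) ? $results[$code] : '';
                    $transactionId = isset($params["TRANSACTIONID"]) ? $params["TRANSACTIONID"] : '';
                    $this->Procedura->comunicazione_s2s($identificativo, $label." \nTRANSACTIONID: ".$transactionId);

                    // Strict comparison: only the exact code "00" confirms the order
                    // ("0" or "0.0" would also match under ==).
                    // NOTE(review): nothing visible here compares AMOUNT, CURRENCY or
                    // SHOPID from the notification with the stored order, or guards
                    // against a repeated notification; confirm confermato() does.
                    if($code === "00"){
                        $this->Procedura->confermato($identificativo);
                    }
                    else{
                        $body = '';
                        foreach($params as $k => $v){
                            $body .= "\n| $k:\t$v";
                        }
                        $this->Procedura->comunicazione_s2s($identificativo, $body);
                    }
                }
                else{
                    $body = "ERRORE VERIFICA FIRMA DELLA COMUNICAZIONE S2S";
                    foreach($params as $k => $v){
                        $body .= "\n| $k:\t$v";
                    }
                    $this->Procedura->comunicazione_s2s($identificativo?$identificativo:$this->identificativo, $body);

                    // date() defaults to the current time; mktime() without
                    // arguments is an error on PHP 8.
                    $body .= "\nhttp://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI] " . date("d-M-Y H:i:s") . " " . __FILE__ . " " . __LINE__;
                    // The alert carries the request and the caller's address only.
                    // The full $_SERVER and $_SESSION dumps were dropped: they can
                    // hold environment secrets and session data, and this branch is
                    // reachable by anyone who can request the notification URL.
                    // NOTE(review): that also means one mail per bad request, with
                    // no rate limit visible here.
                    $body .= "\n\n" . print_r(array(
                        '$_GET' => $_GET,
                        '$_POST' => $_POST,
                        'REMOTE_ADDR' => isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '',
                    ), TRUE);
                    mail("carlo@tnx.it", "ERRORE S2S ".$this->nome_metodo, $body);
                }
                $this->pulisciOutput();
                die();

            // case 'error':
            //     return $this->Procedura->errore();
            // case 'uncertain':
            //     return $this->Procedura->incerto();

            default:
                $this->Procedura->iniziato($this->nome_metodo);
                return $this->createForm();
        }
    }

    /**
     * Sets $this->lingua to "ITA" when $GLOBALS['DATI']['lang'] is "ita" and to
     * "EN" in every other case, including when the language is not set.
     */
    function indiLingua(){
        $isItalian = isset($GLOBALS['DATI']["lang"]) && $GLOBALS['DATI']["lang"] == "ita";
        $this->lingua = $isItalian ? "ITA" : "EN";
    }
}
?>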