PageRenderTime 45ms CodeModel.GetById 19ms RepoModel.GetById 0ms app.codeStats 0ms

/modules/sale/payment/eximb/payment.php

https://gitlab.com/alexprowars/bitrix
PHP | 106 lines | 94 code | 12 blank | 0 comment | 10 complexity | 2cddba5820912aaa727fe4773631d0d6 MD5 | raw file
    

  1. <?if (!defined("B_PROLOG_INCLUDED") || B_PROLOG_INCLUDED !== true) die();?><?
    2. 

  2. include(GetLangFileName(dirname(__FILE__)."/", "/payment.php"));
    3. 

  3. if(!function_exists("bx_hmac"))
    4. 

  4. {
    5. 

  5. 	function bx_hmac($algo, $data, $key, $raw_output = false) 
    6. 

  6. 	{
    7. 

  7. 		$algo = mb_strtolower($algo);
    8. 

  8. 		$pack = "H".mb_strlen($algo("test"));
    9. 

  9. 		$size = 64; 
    10. 

  10. 		$opad = str_repeat(chr(0x5C), $size); 
    11. 

  11. 		$ipad = str_repeat(chr(0x36), $size); 
    12. 

  12. 

  13. 		if (mb_strlen($key) > $size) {
    14. 

  14. 			$key = str_pad(pack($pack, $algo($key)), $size, chr(0x00)); 
    15. 

  15. 		} else { 
    16. 

  16. 			$key = str_pad($key, $size, chr(0x00)); 
    17. 

  17. 		} 
    18. 

  18. 

  19. 		$lenKey = mb_strlen($key) - 1;
    20. 

  20. 		for ($i = 0; $i < $lenKey; $i++) { 
    21. 

  21. 			$opad[$i] = $opad[$i] ^ $key[$i]; 
    22. 

  22. 			$ipad[$i] = $ipad[$i] ^ $key[$i]; 
    23. 

  23. 		} 
    24. 

  24. 

  25. 		$output = $algo($opad.pack($pack, $algo($ipad.$data))); 
    26. 

  26. 		return ($raw_output) ? pack($pack, $output) : $output; 
    27. 

  27. 	} 
    28. 

  28. }
    29. 

  29. 

  30. $amount = CSalePaySystemAction::GetParamValue("SHOULD_PAY"); 
    31. 

  31. $amount = number_format($amount, 2, ".", "");
    32. 

  32. $currency = CSalePaySystemAction::GetParamValue("CURRENCY"); 
    33. 

  33. if($currency == '')
    34. 

  34. 	$currency = "UAH";
    35. 

  35. 

  36. $order = CSalePaySystemAction::GetParamValue("ORDER_ID"); 
    37. 

  37. if(mb_strlen($order) < 6)
    38. 

  38. {
    39. 

  39. 	$n = 6 - mb_strlen($order);
    40. 

  40. 	for($i = 0; $i < $n; $i++)
    41. 

  41. 		$order = "0".$order;
    42. 

  42. }
    43. 

  43. 

  44. $desc = trim(CSalePaySystemAction::GetParamValue("ORDER_DESC").CSalePaySystemAction::GetParamValue("ORDER_ID")); 
    45. 

  45. $m_name = CSalePaySystemAction::GetParamValue("MERCH_NAME"); 
    46. 

  46. $m_url = CSalePaySystemAction::GetParamValue("MERCH_URL"); 
    47. 

  47. $merchant = CSalePaySystemAction::GetParamValue("MERCHANT");
    48. 

  48. $terminal = CSalePaySystemAction::GetParamValue("TERMINAL");
    49. 

  49. $email = CSalePaySystemAction::GetParamValue("EMAIL"); 
    50. 

  50. $backref = htmlspecialcharsbx(CSalePaySystemAction::GetParamValue("SHOP_RESULT")); 
    51. 

  51. $mac = CSalePaySystemAction::GetParamValue("MAC");
    52. 

  52. 

  53. if(CSalePaySystemAction::GetParamValue("IS_TEST") <> '')
    54. 

  54. 	$server_url = "https://3ds.eximb.com:443/cgi-bin/cgi_test";
    55. 

  55. else
    56. 

  56. 	$server_url = "https://3ds.eximb.com/cgi-bin/cgi_link";
    57. 

  57. 

  58. $trtype = 0;  
    59. 

  59. $country = ""; 
    60. 

  60. $merch_gmt = ""; 
    61. 

  61. $time = ""; 
    62. 

  62. 

  63. $var = unpack("H*r", ToUpper(mb_substr(md5(uniqid(30)), 0, 8)));
    64. 

  64. $nonce = $var[r];
    65. 

  65. 

  66. $key = pack("H*", $mac);   
    67. 

  67. $time = gmdate("YmdHis", time());
    68. 

  68. 

  69. $sign = bx_hmac("sha1", 
    70. 

  70. 		($amount <> '' ? mb_strlen($amount).$amount : "-").
    71. 

  71. 		($currency <> '' ? mb_strlen($currency).$currency : "-").
    72. 

  72. 		($order <> '' ? mb_strlen($order).$order : "-").
    73. 

  73. 		($desc <> '' ? mb_strlen($desc).$desc : "-").
    74. 

  74. 		($m_name <> '' ? mb_strlen($m_name).$m_name : "-").
    75. 

  75. 		($m_url <> '' ? mb_strlen($m_url).$m_url : "-").
    76. 

  76. 		($merchant <> '' ? mb_strlen($merchant).$merchant : "-").
    77. 

  77. 		($terminal <> '' ? mb_strlen($terminal).$terminal : "-").
    78. 

  78. 		($email <> '' ? mb_strlen($email).$email : "-").
    79. 

  79. 		($trtype <> '' ? mb_strlen($trtype).$trtype : "-").
    80. 

  80. 		"--".
    81. 

  81. 		($time <> '' ? mb_strlen($time).$time : "-").
    82. 

  82. 		($nonce <> '' ? mb_strlen($nonce).$nonce : "-").
    83. 

  83. 		($backref <> '' ? mb_strlen($backref).$backref : "-")
    84. 

  84. 		, 
    85. 

  85. 		$key
    86. 

  86. 	);
    87. 

  87. ?>
    88. 

  88. 

  89. <form name="cardform" action="<?=$server_url?>" method="post">
    90. 

  90. 	<input type="hidden" name="TRTYPE" VALUE="<?=$trtype?>">
    91. 

  91. 	<input type="hidden" name="AMOUNT" value="<?=$amount?>">
    92. 

  92. 	<input type="hidden" name="CURRENCY" value="<?=$currency?>">
    93. 

  93. 	<input type="hidden" name="ORDER" value="<?=$order?>">
    94. 

  94. 	<input type="hidden" name="DESC" value="<?=htmlspecialcharsbx($desc)?>">
    95. 

  95. 	<input type="hidden" name="MERCH_NAME" value="<?=htmlspecialcharsbx($m_name)?>">
    96. 

  96. 	<input type="hidden" name="MERCH_URL" value="<?=htmlspecialcharsbx($m_url)?>">
    97. 

  97. 	<input type="hidden" name="MERCHANT" value="<?=htmlspecialcharsbx($merchant)?>">
    98. 

  98. 	<input type="hidden" name="TERMINAL" value="<?=htmlspecialcharsbx($terminal)?>">
    99. 

  99. 	<input type="hidden" name="EMAIL" value="<?=htmlspecialcharsbx($email)?>">
    100. 

  100. 	<input type="hidden" name="LANG" value="">
    101. 

  101. 	<input type="hidden" name="BACKREF" value="<?=$backref?>">
    102. 

  102. 	<input type="hidden" name="NONCE" value="<?=$nonce?>">
    103. 

  103. 	<input type="hidden" name="P_SIGN" value="<?=$sign?>">
    104. 

  104. 	<input type="hidden" name="TIMESTAMP" value="<?=$time?>">
    105. 

  105. 	<input type="submit" class="btn btn-primary" value="<?=GetMessage("PAY_BUTTON")?>" name="send_button">
    106. 

  106. </form>
    107.