Hash Secure does not work when paying with MIGS
I have implemented MIGS payment service on my magento installation and is using vpc_php_serverhost_do.php. These are the Im values being passed to this file
<input type="hidden" name="virtualPaymentClientURL" size="63" value="https://migs.mastercard.com.au/vpcpay" maxlength="250">
<input type="hidden" name="vpc_Version" value="1" size="20" maxlength="8">
<input type="hidden" name="vpc_Command" value="pay" size="20" maxlength="16">
<input type="hidden" name="vpc_MerchTxnRef" value="<?php echo $orderId; ?>" size="20" maxlength="40">
<input type="hidden" name="vpc_AccessCode" value="<?php echo $access_code; ?>" size="20" maxlength="8">
<input type="hidden" name="vpc_Merchant" value="<?php echo $merchant; ?>" size="20" maxlength="16">
<input type="hidden" name="vpc_OrderInfo" value="<?php echo $orderId; ?>" size="20" maxlength="34">
<input type="hidden" name="vpc_Amount" value="<?php echo $amountInFils; ?>" size="20" maxlength="10">
<input type="hidden" name="vpc_Locale" value="en" size="20" maxlength="5">
<input type="hidden" name="vpc_ReturnURL" size="63" value="<?php echo $url;?>" maxlength="350">
<input type="hidden" name="vpc_user_SessionId" size="63" value="<?php echo $sessionId;?>" maxlength="350">
I provide a client supplied secret and the rest of the code looks like below
$vpcURL = $_POST["virtualPaymentClientURL"] . "?";
unset($_POST["virtualPaymentClientURL"]);
unset($_POST["SubButL"]);
$md5HashData = $SECURE_SECRET;
ksort ($_POST);
$appendAmp = 0;
foreach($_POST as $key => $value) {
if (strlen($value) > 0) {
if ($appendAmp == 0) {
$vpcURL .= urlencode($key) . '=' . urlencode($value);
$appendAmp = 1;
} else {
$vpcURL .= '&' . urlencode($key) . "=" . urlencode($value);
}
$md5HashData .= $value;
}
}
if (strlen($SECURE_SECRET) > 0) {
$vpcURL .= "&vpc_SecureHash=" . strtoupper(md5($md5HashData));
}
header("Location: ".$vpcURL);
It is redirected to the payment gateway as it should be. The problem is that the response I receive after payment is not encoded. the answer link is like this (for security reasons I changed the numbers with x)
https://xxxxxx/site_test/vpc_php_serverhost_dr.php?vpc_Amount=xx&vpc_BatchNo=x&vpc_Command=pay&vpc_Locale=en&vpc_MerchTxnRef=xxxxx&vpc_Merchant=xxxxx&vpc_Message=Cancelled&vpc_OrderInfo=xxxxx&vpc_SecureHash=xxxxxxxx&vpc_TransactionNo=x&vpc_TxnResponseCode=C&vpc_Version=xx
What should I do to encode the response url?
+3
source to share