Hash Secure does not work when paying with MIGS

Question

Hash Secure does not work when paying with MIGS

I have implemented MIGS payment service on my magento installation and is using vpc_php_serverhost_do.php. These are the Im values being passed to this file

<input type="hidden" name="virtualPaymentClientURL" size="63" value="https://migs.mastercard.com.au/vpcpay" maxlength="250">
<input type="hidden" name="vpc_Version" value="1" size="20" maxlength="8">
<input type="hidden" name="vpc_Command" value="pay" size="20" maxlength="16">
<input type="hidden" name="vpc_MerchTxnRef" value="<?php echo $orderId; ?>" size="20" maxlength="40">
<input type="hidden" name="vpc_AccessCode" value="<?php echo $access_code; ?>" size="20" maxlength="8">
<input type="hidden" name="vpc_Merchant" value="<?php echo $merchant; ?>" size="20" maxlength="16">
<input type="hidden" name="vpc_OrderInfo" value="<?php echo $orderId; ?>" size="20" maxlength="34">  
<input type="hidden" name="vpc_Amount" value="<?php echo $amountInFils; ?>" size="20" maxlength="10">  
<input type="hidden" name="vpc_Locale" value="en" size="20" maxlength="5">
<input type="hidden" name="vpc_ReturnURL" size="63" value="<?php echo $url;?>" maxlength="350">
<input type="hidden" name="vpc_user_SessionId" size="63" value="<?php echo $sessionId;?>" maxlength="350">

I provide a client supplied secret and the rest of the code looks like below

$vpcURL = $_POST["virtualPaymentClientURL"] . "?";

unset($_POST["virtualPaymentClientURL"]); 
unset($_POST["SubButL"]);

$md5HashData = $SECURE_SECRET;
ksort ($_POST);

$appendAmp = 0;

foreach($_POST as $key => $value) {
    if (strlen($value) > 0) {
        if ($appendAmp == 0) {
            $vpcURL .= urlencode($key) . '=' . urlencode($value);
            $appendAmp = 1;
        } else {
            $vpcURL .= '&' . urlencode($key) . "=" . urlencode($value);
        }
        $md5HashData .= $value;
    }
}

if (strlen($SECURE_SECRET) > 0) {
    $vpcURL .= "&vpc_SecureHash=" . strtoupper(md5($md5HashData));
}

header("Location: ".$vpcURL);

It is redirected to the payment gateway as it should be. The problem is that the response I receive after payment is not encoded. the answer link is like this (for security reasons I changed the numbers with x)

https://xxxxxx/site_test/vpc_php_serverhost_dr.php?vpc_Amount=xx&vpc_BatchNo=x&vpc_Command=pay&vpc_Locale=en&vpc_MerchTxnRef=xxxxx&vpc_Merchant=xxxxx&vpc_Message=Cancelled&vpc_OrderInfo=xxxxx&vpc_SecureHash=xxxxxxxx&vpc_TransactionNo=x&vpc_TxnResponseCode=C&vpc_Version=xx

What should I do to encode the response url?

+3

php payment magento payment-gateway mastercard

prdp 20 Aug 14 at 12:18

source to share

1 answer

user3712871 · Answer 1 · 2014-09-23T20:50:02+0000

Have you tried using:

<?php
$query_string = 'foo=' . urlencode($foo) . '&bar=' . urlencode($bar);
echo '<a href="mycgi?' . htmlentities($query_string) . '">';
?>

http://php.net/manual/en/function.urlencode.php

Hash Secure does not work when paying with MIGS

More articles: